Share 
## https://sploitus.com/exploit?id=SAINT:A50AF7D716DE5A0850F5CA88B38E7089
Added: 03/18/2024  


### Background

Fortinet Wireless Manager (FortiWLM) allows you to manage wireless networks on FortiGates. 

### Problem

A command injection vulnerability allows unauthenticated attackers to execute arbitrary commands by calling the `deleteprogressfile` function with a specially crafted `progressfile` parameter. 

### Resolution

Upgrade to FortiWLM 8.5.5 or 8.6.6 or higher. 

### References

https://www.fortiguard.com/psirt/FG-IR-23-140   
https://www.horizon3.ai/attack-research/attack-blogs/fortiwlm-the-almost-story-for-the-forti-forty/   


### Platforms

FortiWLM