A relative path traversal [CWE-23] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a privileged attacker to delete arbitrary directories from the underlying file system via crafted CLI commands.
2023-05-03T22:15:18.787
2024-11-21T07:53:53.663
Modified
CVSSv3.1: 6.0 (MEDIUM)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | fortinet | fortiadc | ≤ 7.0.5 | Yes |
Application | fortinet | fortiadc | < 7.1.2 | Yes |
Application | fortinet | fortiadc | 7.2.0 | Yes |