An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, 7.2.0 through 7.2.11, 7.0.0 through 7.0.18, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager Cloud versions 7.4.1 through 7.4.3 may allow a remote authenticated attacker with access to the security fabric interface and port to write arbitrary files or a remote unauthenticated attacker to delete an arbitrary folder.
2025-01-14T14:15:32.873
2025-08-08T16:00:27.530
Analyzed
CVSSv3.1: 7.5 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | fortinet | fortimanager | < 7.4.4 | Yes |
| Application | fortinet | fortimanager | < 7.6.2 | Yes |
| Application | fortinet | fortimanager_cloud | < 7.4.4 | Yes |
| Application | fortinet | fortiproxy | < 7.0.19 | Yes |
| Application | fortinet | fortiproxy | < 7.2.12 | Yes |
| Application | fortinet | fortiproxy | < 7.4.6 | Yes |
| Application | fortinet | fortirecorder | < 7.0.5 | Yes |
| Application | fortinet | fortirecorder | < 7.2.2 | Yes |
| Application | fortinet | fortivoice | ≤ 6.4.10 | Yes |
| Application | fortinet | fortivoice | ≤ 7.0.5 | Yes |
| Application | fortinet | fortiweb | < 7.4.5 | Yes |
| Application | fortinet | fortiweb | 7.6.0 | Yes |
| Operating System | fortinet | fortios | < 6.4.16 | Yes |
| Operating System | fortinet | fortios | < 7.0.16 | Yes |
| Operating System | fortinet | fortios | < 7.2.10 | Yes |
| Operating System | fortinet | fortios | < 7.4.5 | Yes |
| Operating System | fortinet | fortios | 7.6.0 | Yes |