An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4; FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3; and FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows an attacker to escalate privilege via specially crafted packets.
2025-01-16T09:15:06.737
2025-09-24T15:25:58.637
Analyzed
CVSSv3.1: 5.3 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | fortinet | fortirecorder | < 7.0.5 | Yes |
| Application | fortinet | fortirecorder | < 7.2.2 | Yes |
| Application | fortinet | fortivoice | ≤ 6.4.10 | Yes |
| Application | fortinet | fortivoice | ≤ 7.0.5 | Yes |
| Application | fortinet | fortiweb | < 7.4.5 | Yes |
| Application | fortinet | fortiweb | 7.6.0 | Yes |