An improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability [CWE-22] in FortiManager, FortiAnalyzer & FortiAnalyzer-BigData may allow a privileged attacker to read arbitrary files from the underlying system via crafted HTTP or HTTPs requests. Revised on 2024-11-12 00:00:00
Arbitrary file read in administrative interface
- Osint10x Feeds
- Uncategorized
- November 12, 2024
Stay Updated with Our Newsletter
Recent Posts
- Interview with Pryx Part 2: Diving Deeper into Server-Side Stealers & Other Interesting Chit-chats
- LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages
- Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices
- Vulnerability & Patch Roundup — November 2024
- Nearly 6 million people were impacted by ransomware attack on Ascension Health
Leave a Reply