Press ESC to close

Arbitrary file read in administrative interface

An improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability [CWE-22] in FortiManager, FortiAnalyzer & FortiAnalyzer-BigData may allow a privileged attacker to read arbitrary files from the underlying system via crafted HTTP or HTTPs requests. Revised on 2024-11-12 00:00:00

Source: FortiGuard Labs

Published on: November 12, 2024

Leave a Reply

Your email address will not be published. Required fields are marked *