A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized malicious user to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiproxy 7.0.0 |
||
fortinet fortios 7.0.0 |
||
fortinet fortios 7.0.1 |