A relative path traversal vulnerability [CWE-23] in FortiWeb 7.0.0 up to and including 7.0.1, 6.3.6 up to and including 6.3.18, 6.4 all versions may allow an authenticated malicious user to obtain unauthorized access to files and data via specifically crafted HTTP GET requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiweb 6.4.0 |
||
fortinet fortiweb 6.4.1 |
||
fortinet fortiweb 6.4.2 |
||
fortinet fortiweb 7.0.0 |
||
fortinet fortiweb 7.0.1 |
||
fortinet fortiweb |