Multiple relative path traversal vulnerabilities [CWE-23] in FortiDeceptor management interface 1.0.0 up to and including 3.2.x, 3.3.0 up to and including 3.3.2, 4.0.0 up to and including 4.0.1 may allow a remote and authenticated malicious user to retrieve and delete arbitrary files from the underlying filesystem via specially crafted web requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortideceptor 4.0.1 |
||
fortinet fortideceptor 4.0.0 |
||
fortinet fortideceptor |