An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in FortiVoiceEntreprise version 7.0.0 and prior to 6.4.7 allows an authenticated malicious user to read arbitrary files from the system via sending crafted HTTP or HTTPS requests
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortivoice 7.0.0 |
||
fortinet fortivoice |