A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 up to and including 7.2.3 and 7.0.0 up to and including 7.0.8 and 6.4.0 up to and including 6.4.12 and 6.2.0 up to and including 6.2.11 allows malicious user to execute unauthorized code or commands via crafted HTTP requests.