** UNSUPPORTED WHEN ASSIGNED **A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in Fortinet FortiWAN version 5.2.0 up to and including 5.2.1 and version 5.1.1. up to and including 5.1.2 may allow an authenticated malicious user to read and delete arbitrary file of the system via crafted HTTP or HTTPs requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiwan 5.2.0 |
||
fortinet fortiwan 5.2.1 |
||
fortinet fortiwan 5.1.1 |
||
fortinet fortiwan 5.1.2 |