A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-21-181 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-12-08T12:11:04
Updated: 2024-08-04T02:59:31.271Z
Reserved: 2021-09-13T00:00:00
Link: CVE-2021-41024
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-12-08T13:15:07.957
Modified: 2021-12-09T19:26:22.320
Link: CVE-2021-41024
Redhat
No data.