A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-369 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-03-07T16:04:52.461Z
Updated: 2024-08-03T12:42:46.124Z
Reserved: 2022-09-23T15:07:35.781Z
Link: CVE-2022-41328
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-03-07T17:15:12.093
Modified: 2024-06-28T13:41:47.953
Link: CVE-2022-41328
Redhat
No data.