A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-391 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-02-16T18:05:14.761Z
Updated: 2024-08-03T12:42:46.229Z
Reserved: 2022-09-23T15:07:35.783Z
Link: CVE-2022-41335
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-02-16T19:15:13.513
Modified: 2023-11-07T03:52:48.110
Link: CVE-2022-41335
Redhat
No data.