A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-393 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-06-13T08:41:42.277Z
Updated: 2024-08-03T13:10:40.871Z
Reserved: 2022-10-07T14:05:36.301Z
Link: CVE-2022-42474
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-06-13T09:15:15.597
Modified: 2023-11-07T03:53:22.440
Link: CVE-2022-42474
Redhat
No data.