A relative path traversal in Fortinet FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.3.6 through 6.3.20, FortiWeb 6.4 all versions allows attacker to information disclosure via specially crafted web requests.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2023-27870 | A relative path traversal in Fortinet FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.3.6 through 6.3.20, FortiWeb 6.4 all versions allows attacker to information disclosure via specially crafted web requests. |
Fixes
Solution
Please upgrade to FortiWeb version 7.0.3 or above Please upgrade to FortiWeb version 6.3.21 or above
Workaround
No workaround given by the vendor.
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-251 |
![]() ![]() |
History
Tue, 22 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: fortinet
Published:
Updated: 2024-10-22T20:50:15.670Z
Reserved: 2023-01-18T08:30:21.308Z
Link: CVE-2023-23784

Updated: 2024-08-02T10:42:25.809Z

Status : Modified
Published: 2023-02-16T19:15:14.517
Modified: 2024-11-21T07:46:49.557
Link: CVE-2023-23784

No data.

No data.