Path Traversal Vulnerability in Fortinet FortiPortal Versions 5.3.x and 6.x

Path Traversal Vulnerability in Fortinet FortiPortal Versions 5.3.x and 6.x

CVE-2021-36168 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

A Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Fortinet FortiPortal 6.x before 6.0.5, FortiPortal 5.3.x before 5.3.6 and any FortiPortal before 6.2.5 allows authenticated attacker to disclosure information via crafted GET request with malicious parameter values.

Learn more about our Cis Benchmark Audit For Fortinet.