Relative Path Traversal Vulnerability in FortiWeb Versions 6.4.1, 6.4.0, and 6.3.0 through 6.3.15

Relative Path Traversal Vulnerability in FortiWeb Versions 6.4.1, 6.4.0, and 6.3.0 through 6.3.15

CVE-2021-41026 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

A relative path traversal in FortiWeb versions 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow an authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.

Learn more about our Web App Pen Testing.