Relative Path Traversal Vulnerability in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3.18, 6.4

Relative Path Traversal Vulnerability in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3.18, 6.4

CVE-2022-30300 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

A relative path traversal vulnerability [CWE-23] in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3.18, 6.4 all versions may allow an authenticated attacker to obtain unauthorized access to files and data via specifically crafted HTTP GET requests.

Learn more about our Web App Pen Testing.