Relative Path Traversal Vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager

Relative Path Traversal Vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager

CVE-2022-41335 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests.

Learn more about our Cis Benchmark Audit For Apple Ios.