Path Traversal Vulnerability in FortiVoiceEntreprise Version 7.0.0 and Earlier: Unauthorized File Access
CVE-2023-37932 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in FortiVoiceEntreprise version 7.0.0 and before 6.4.7 allows an authenticated attacker to read arbitrary files from the system via sending crafted HTTP or HTTPS requests
Learn more about our Web Application Penetration Testing UK.