** UNSUPPORTED WHEN ASSIGNED **A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1. through 5.1.2 may allow an authenticated attacker to read and delete arbitrary file of the system via crafted HTTP or HTTPs requests.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:HFortinet Fortiwan
APPFortinet5.1.15.1.25.2.05.2.1
Related vulnerabilities
Path traversal umożliwiający usunięcie plików i reset hasła admina w FortiWAN
Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiWAN before...
An OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may ...
** UNSUPPORTED WHEN ASSIGNED **An improper authentication vulnerability [CWE-287] in Fortinet FortiWAN version...
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management ...