** UNSUPPORTED WHEN ASSIGNED **A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1. through 5.1.2 may allow an authenticated attacker to read and delete arbitrary file of the system via crafted HTTP or HTTPs requests.
References
Link | Resource |
---|---|
https://fortiguard.com/psirt/FG-IR-23-265 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
18 Dec 2023, 17:34
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:fortinet:fortiwan:5.1.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiwan:5.1.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiwan:5.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiwan:5.2.0:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
References | () https://fortiguard.com/psirt/FG-IR-23-265 - Vendor Advisory |
13 Dec 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-13 09:15
Updated : 2024-02-05 00:22
NVD link : CVE-2023-44251
Mitre link : CVE-2023-44251
CVE.ORG link : CVE-2023-44251
JSON object : View
Products Affected
fortinet
- fortiwan
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')