CVE-2023-44251

** UNSUPPORTED WHEN ASSIGNED **A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1. through 5.1.2 may allow an authenticated attacker to read and delete arbitrary file of the system via crafted HTTP or HTTPs requests.
References
Link Resource
https://fortiguard.com/psirt/FG-IR-23-265 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:fortinet:fortiwan:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiwan:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiwan:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiwan:5.2.1:*:*:*:*:*:*:*

History

18 Dec 2023, 17:34

Type Values Removed Values Added
CPE cpe:2.3:a:fortinet:fortiwan:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiwan:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiwan:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiwan:5.2.0:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.8
References () https://fortiguard.com/psirt/FG-IR-23-265 - () https://fortiguard.com/psirt/FG-IR-23-265 - Vendor Advisory

13 Dec 2023, 09:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-13 09:15

Updated : 2024-02-05 00:22


NVD link : CVE-2023-44251

Mitre link : CVE-2023-44251

CVE.ORG link : CVE-2023-44251


JSON object : View

Products Affected

fortinet

  • fortiwan
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')