Fortinet FortiManager Relative Path Traversal Vulnerability Allowing File Deletion

Vulnerability

A relative path traversal vulnerability has been identified in Fortinet FortiManager versions 7.4.0 through 7.4.2 and prior to 7.2.5. This vulnerability allows a privileged attacker to delete files from the underlying filesystem by sending crafted HTTP or HTTPS requests.

Impact

Exploitation of this vulnerability could lead to unauthorized file deletion from the system's filesystem.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fortinet FortiManager Relative Path Traversal Vulnerability Allowing File Deletion

Vulnerability

Impact

Affected Products

Fortinet FortiManager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating