Fortinet FortiManager and FortiAnalyzer Path Traversal Vulnerability Allowing File Deletion

Vulnerability

A path traversal vulnerability has been identified in Fortinet FortiManager versions 7.4.0 through 7.4.2 and versions prior to 7.2.5, as well as in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.2 and versions prior to 7.2.5. It allows an authenticated admin user with diagnose privileges to delete files on the system via the command-line interface.

Impact

Exploitation of this vulnerability could lead to unauthorized file deletion on the system.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 5.0
impact: 2.5
exploitability: 4.8
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.