Fortinet FortiMail, FortiVoice, FortiRecorder, FortiCamera, and FortiNDR Relative Path Traversal Vulnerability Allowing File Read

Vulnerability

Multiple relative path traversal vulnerabilities have been identified in Fortinet FortiMail versions 7.6.0 through 7.6.1 and prior to 7.4.3, FortiVoice versions 7.0.0 through 7.0.5 and prior to 7.4.9, FortiRecorder versions 7.2.0 through 7.2.1 and prior to 7.0.4, as well as FortiCamera and FortiNDR versions 7.6.0 and prior to 7.4.6. These vulnerabilities may allow a privileged attacker to read files from the underlying filesystem by sending crafted CLI requests.

Impact

Exploitation of these vulnerabilities could lead to improper access control, allowing unauthorized file read operations from the underlying filesystem.

Remediation

Users can upgrade FortiMail to version 7.6.2 or 7.4.4, FortiVoice to version 7.0.5 or 6.4.10, FortiRecorder to version 7.2.2 or 7.0.5, FortiCamera to version 2.0.1 or above, and FortiNDR to version 7.6.2 or 7.4.7. For FortiVoice 6.0 users, migrating to a fixed release is recommended.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm
spread: 3.4
impact: 2.5
exploitability: 3.5
remediation: 7.7
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.