Fortinet FortiRecorder, FortiWeb, and FortiVoice Path Traversal Vulnerability Allowing Privilege Escalation

Vulnerability

A path traversal vulnerability has been identified in Fortinet FortiRecorder versions 7.2.0 through 7.2.1 and 7.0.0 through 7.0.4, as well as FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, and 6.4.0 through 6.4.3. FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, and 6.0.0 through 6.0.12 are also affected. The affected products do not properly restrict file paths, so an attacker who sends specially crafted packets could access directories they are not authorized to reach and escalate privileges.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation on the affected system.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 0.6
exploitability: 4.9
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.