Fortinet FortiSOAR Path Traversal Vulnerability Allowing Arbitrary File Read

Vulnerability

A relative path traversal vulnerability has been identified in Fortinet FortiSOAR versions 7.6.0, 7.5.0 through 7.5.1, 7.4 (all versions), and 7.3 (all versions). This vulnerability may allow an authenticated attacker to read arbitrary files by uploading a malicious solution pack.

Impact

Exploitation of this vulnerability could lead to unauthorized information disclosure by allowing attackers to read sensitive files on the server.

Remediation

Users of Fortinet FortiSOAR 7.6.0 should upgrade to 7.6.1 or above. Users of Fortinet FortiSOAR 7.5.0 through 7.5.1 should upgrade to 7.5.2 or above. Users of Fortinet FortiSOAR 7.4 or 7.3 should migrate to a fixed release.
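The following sketch is an added example, not Fortinet code and not part of the original advisory. It triages an inventory of FortiSOAR versions against the affected ranges and fixes stated above. The host names, the build suffix, and the status labels are constructed for illustration.

```python
import re

# Affected ranges and fixes exactly as stated in the advisory text above.
# (major, minor) -> (highest affected patch, or None for "all versions", action)
ADVISORY = {
    (7, 6): (0, "upgrade to 7.6.1 or above"),
    (7, 5): (1, "upgrade to 7.5.2 or above"),
    (7, 4): (None, "migrate to a fixed release"),
    (7, 3): (None, "migrate to a fixed release"),
}

def parse_version(text):
    """Return (major, minor, patch) from strings like '7.5.1' or '7.4.3-3294'."""
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in m.groups())

def triage(version):
    """Classify one installed version against the advisory."""
    major, minor, patch = parse_version(version)
    entry = ADVISORY.get((major, minor))
    if entry is None:
        # Branch is not mentioned in the advisory, so no claim is made about it.
        return ("not-listed", "branch not covered by this advisory; check vendor guidance")
    max_affected, action = entry
    if max_affected is None or patch <= max_affected:
        return ("affected", action)
    return ("fixed", "no action required for this advisory")

def triage_inventory(inventory):
    """Map host -> (status, action); unparseable versions are flagged, not skipped."""
    report = {}
    for host, version in inventory.items():
        try:
            report[host] = triage(version)
        except ValueError:
            report[host] = ("unknown", "verify version manually")
    return report

# Constructed sample inventory (hypothetical host names and build suffix).
SAMPLE = {"soar-prod": "7.5.1", "soar-dr": "7.6.1", "soar-lab": "7.4.3-3294",
          "soar-old": "7.2.2", "soar-new": "7.6.0", "soar-x": "unknown"}

if __name__ == "__main__":
    for host, (status, action) in sorted(triage_inventory(SAMPLE).items()):
        print(f"{host:10} {status:11} {action}")
```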

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 1.4
impact: 0.8
exploitability: 4.4
remediation: 7.7
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.