Primary

Context

Fortinet FortiVoice Path Traversal Vulnerability Allowing Arbitrary File Deletion

Vulnerability

Patched

A path traversal vulnerability has been identified in Fortinet FortiVoice versions 7.2.0 to 7.2.2 and 7.0.0 to 7.0.7. This vulnerability allows a privileged attacker to delete files from the underlying filesystem by sending crafted HTTP or HTTPS requests.

Impact

Exploitation of this vulnerability could lead to unauthorized deletion of files from the system.

Remediation

Users can upgrade to Fortinet FortiVoice version 7.2.3 or above for the 7.2.x series, and to version 7.0.8 or above for the 7.0.x series.

Added: Jan 13, 2026, 5:30 PM

Updated: Jan 13, 2026, 5:30 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.4

remediation

7.7

relevance

2.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.4

remediation

7.7

relevance

2.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fortinet FortiVoice Path Traversal Vulnerability Allowing Arbitrary File Deletion

Vulnerability

Impact

Remediation

Affected Products

Fortinet FortiVoice

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating