Path traversal

2023-10-1315:15:00

PRIOn knowledge base

www.prio-n.com

path traversal

directory restriction

denial of service

crafted http requests

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.1%

JSON

A improper limitation of a pathname to a restricted directory (‘path traversal’) in Fortinet FortiSandbox version 4.4.0 and 4.2.0 through 4.2.5 and 4.0.0 through 4.0.3 and 3.2.0 through 3.2.4 and 2.5.0 through 2.5.2 and 2.4.1 and 2.4.0 allows attacker to denial of service via crafted http requests.

CPENameOperatorVersion
fortisandboxge3.2.0
fortisandboxle3.2.4
fortisandboxeq4.4.0
fortisandboxge4.2.0
fortisandboxle4.2.5
fortisandboxge4.0.0
fortisandboxle4.0.3
fortisandboxge2.5.0
fortisandboxle2.5.2
fortisandboxge2.4.0

Name	Operator	Version
fortisandbox	ge	3.2.0
fortisandbox	le	3.2.4
fortisandbox	eq	4.4.0
fortisandbox	ge	4.2.0
fortisandbox	le	4.2.5
fortisandbox	ge	4.0.0
fortisandbox	le	4.0.3
fortisandbox	ge	2.5.0
fortisandbox	le	2.5.2
fortisandbox	ge	2.4.0

Rows per page:

1-10 of 111

References

fortiguard.com/psirt/FG-IR-23-280