Lucene search
K

3 matches found

EUVD
EUVD
added 2026/04/14 6:30 p.m.5 views

EUVD-2025-209452

An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.7.0, FortiPAM 1.6 all versions,...

6CVSS5.9AI score0.00498EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/05/19 12:0 a.m.9 views

The vulnerability in the implementation of the TACACS+ protocol for the proxy server used by FortiProxy, as well as the local management platform FortiSwitchManager and the operating system FortiOS, allows a perpetrator to bypass authentication procedures and gain access to the device.

The vulnerability of the TACACS+ protocol implementation of the proxy server used to protect FortiProxy against internet attacks, as well as the FortiSwitchManager local management platform and the FortiOS operating system, is related to the absence of authentication for a critical function...

10CVSS5.5AI score0.00804EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/03/06 12:0 a.m.7 views

The vulnerabilities in the web interface of FortiOS, the local software product FortiSwitch Manager, and the proxy server FortiProxy, designed for protecting against internet attacks, allow attackers to read and write files on a basic Linux system.

The vulnerability in the web interface of FortiOS operating systems, the local software management platform FortiSwitch Manager, and the proxy server for internet attack protection, FortiProxy, is related to errors in processing the relative path to the directory. Exploiting this vulnerability...

9CVSS7.4AI score0.00927EPSS
Exploits0References3Affected Software3
Rows per page
Query Builder