2 matches found
Fortinet FortiWeb Arbitrary file/directory deletion (FG-IR-21-158)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-158 advisory. - An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability CWE-22 in FortiWeb management...
CVE-2021-42753
CVE-2021-42753 describes a path traversal vulnerability in the FortiWeb management interface that may allow an authenticated attacker to perform arbitrary file and directory deletions in the device filesystem. Affected product scope includes FortiWeb versions 6.4.1 and below, 6.3.15 and below, an...