5 matches found
CVE-2022-30299
A path traversal vulnerability CWE-23 in the API of FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authenticated attacker to retrieve specific parts of files from the underlying file system via specially...
Fortinet FortiWeb Relative path traversal in web API (FG-IR-22-146)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-146 advisory. - A path traversal vulnerability CWE-23 in the API of FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions, 6....
CVE-2022-30299
creationtimestamp| type| source ---|---|--- 2023-02-16 22:17:36+00:00| seen| https://t.me/cibsecurity/58348...
CVE-2022-30299
A path traversal vulnerability CWE-23 in the API of FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authenticated attacker to retrieve specific parts of files from the underlying file system via specially...
CVE-2022-30299
FortiWeb CVE-2022-30299 describes a path traversal (CWE-23) vulnerability in the FortiWeb API that could allow an attacker to retrieve parts of the underlying file system via specially crafted web requests. Affected FortiWeb versions are: 6.0, 6.1, 6.2, 6.3.0–6.3.19, 6.4, and 7.0.0–7.0.1. The iss...