A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.
References
History

Tue, 22 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-06-13T08:41:42.277Z

Updated: 2024-10-22T20:46:07.625Z

Reserved: 2022-10-07T14:05:36.301Z

Link: CVE-2022-42474

cve-icon Vulnrichment

Updated: 2024-08-03T13:10:40.871Z

cve-icon NVD

Status : Modified

Published: 2023-06-13T09:15:15.597

Modified: 2024-11-21T07:25:02.533

Link: CVE-2022-42474

cve-icon Redhat

No data.