An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in FortiVoiceEntreprise version 7.0.0 and before 6.4.7 allows an authenticated attacker to read arbitrary files from the system via sending crafted HTTP or HTTPS requests
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-23-219 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-01-10T17:48:00.502Z
Updated: 2024-08-02T17:23:27.749Z
Reserved: 2023-07-11T08:16:54.092Z
Link: CVE-2023-37932
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-10T18:15:45.570
Modified: 2024-11-21T08:12:29.797
Link: CVE-2023-37932
Redhat
No data.