A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 and 2.5.0 through 2.5.2 and 2.4.0 through 2.4.1 may allows attacker to information disclosure via crafted http requests.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2024-04-09T14:24:21.862Z

Updated: 2024-08-02T01:52:57.095Z

Reserved: 2024-04-04T12:52:41.585Z

Link: CVE-2024-31487

cve-icon Vulnrichment

Updated: 2024-07-15T17:19:33.196Z

cve-icon NVD

Status : Analyzed

Published: 2024-04-09T15:15:31.753

Modified: 2024-12-23T15:05:45.840

Link: CVE-2024-31487

cve-icon Redhat

No data.