A relative path traversal in FortiWeb versions 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow an authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.
References
Link | Resource |
---|---|
https://fortiguard.com/advisory/FG-IR-21-156 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fortinet
Published: 2022-04-06T16:00:26
Updated: 2022-04-06T16:00:26
Reserved: 2021-09-13T00:00:00
Link: CVE-2021-41026
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-06T16:15:08.070
Modified: 2022-04-13T18:06:41.087
Link: CVE-2021-41026
JSON object: View
Redhat Information
No data.
CWE