PT-2026-2473 · Fortinet · Fortivoice

Publicado

2026-01-13

Atualizado

2026-01-13

CVE-2025-58693

CVSS v2.0

8.5

Alta

Vetor

AV:N/AC:L/Au:S/C:N/I:C/A:C

Name of the Vulnerable Software and Affected Versions Fortinet FortiVoice versions 7.0.0 through 7.0.7 Fortinet FortiVoice versions 7.2.0 through 7.2.2

Description A path traversal issue exists in Fortinet FortiVoice. A privileged attacker can delete files from the underlying filesystem by sending specially crafted HTTP or HTTPS requests. The issue stems from insufficient validation of file paths, allowing access to restricted directories.

Recommendations Update Fortinet FortiVoice to a version later than 7.0.7. Update Fortinet FortiVoice to a version later than 7.2.2.

Correção

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22

Identificadores relacionados

BDU:2026-05215

CVE-2025-58693

Produtos afetados

Fortivoice

PT-2026-2473 · Fortinet · Fortivoice

CVE-2025-58693

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5