PT-2023-2751 · Fortinet · FortiADC
Published: 2023-03-09 · Updated: 2023-05-10 · CVE-2023-27993
CVSS v3.1: 7.1 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Fortinet FortiADC versions 7.2.0 and prior to 7.1.1
Description
A relative path traversal issue allows a privileged attacker to delete arbitrary directories from the underlying file system via crafted CLI commands. This issue is related to errors in processing relative paths to directories, which can be exploited to gain read, modify, or delete access to data.
Recommendations
For Fortinet FortiADC versions 7.2.0 and prior to 7.1.1, consider restricting access to the CLI to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the use of crafted CLI commands that could be used to delete arbitrary directories.
Fix
Relative Path Traversal
Path traversal
Related Identifiers
Affected Products
FortiADC