PT-2025-10784 · Fortinet · Fortiweb
Published: 2025-03-11 · Updated: 2025-04-07 · CVE-2024-55597
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:C
Name of the Vulnerable Software and Affected Versions:
Fortinet FortiWeb versions 7.0.0 through 7.6.0
Description:
The issue is related to an improper limitation of a pathname to a restricted directory, also known as 'path traversal'. This allows an attacker to execute unauthorized code or commands via crafted requests.
Recommendations:
For Fortinet FortiWeb versions 7.0.0 through 7.6.0, update to a version that fixes the 'path traversal' issue to prevent unauthorized code execution.
Fix
Path traversal
Affected Products
Fortiweb