PT-2025-36733 · Fortinet · Fortiweb
Published
2025-09-09
·
Updated
2025-09-26
·
CVE-2025-53609
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
FortiWeb versions 7.0.2 through 7.0.11
FortiWeb versions 7.2.0 through 7.2.11
FortiWeb versions 7.4.0 through 7.4.8
FortiWeb versions 7.6.0 through 7.6.4
Description:
A relative path traversal vulnerability may allow an authenticated attacker to perform an arbitrary file read on the underlying system via crafted requests.
Recommendations:
FortiWeb versions 7.0.2 through 7.0.11: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
FortiWeb versions 7.2.0 through 7.2.11: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
FortiWeb versions 7.4.0 through 7.4.8: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
FortiWeb versions 7.6.0 through 7.6.4: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Relative Path Traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fortiweb