FortiClientEMS - Directory Traversal vulnerability
A path traversal vulnerability [CWE-22] in FortiClientEMS may allow an authenticated attacker to inject directory traversal character sequences to add/delete the files of the server via the name parameter of Deployment Packages.
FortiClientEMS version 6.4.1 and below.
FortiClientEMS version 6.2.8 and below.
Please upgrade to version 6.2.9 or above.
Please upgrade to version 6.4.2 or above.