Path Traversal vulnerability
Summary
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in the FortiExtender management interface may allow an unauthenticated, remote attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.
Version | Affected | Solution |
---|---|---|
FortiExtender 7.2 | Not affected | Not Applicable |
FortiExtender 7.0 | 7.0.0 through 7.0.3 | Upgrade to 7.0.4 or above |
FortiExtender 5.3 | 5.3 all versions | Migrate to a fixed release |
FortiExtender 4.2 | 4.2.0 through 4.2.4 | Upgrade to 4.2.5 or above |
FortiExtender 4.1 | 4.1.1 through 4.1.8 | Upgrade to 4.1.9 or above |
FortiExtender 4.0 | 4.0.0 through 4.0.2 | Upgrade to 4.0.3 or above |
FortiExtender 3.3 | 3.3.0 through 3.3.2 | Upgrade to 3.3.3 or above |
FortiExtender 3.2 | 3.2.1 through 3.2.3 | Upgrade to 3.2.4 or above |
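As a triage aid added here (not part of the Fortinet advisory), the following script encodes the table above and classifies a reported FortiExtender version against it. The version string format (major.minor.patch, optional "v" prefix, extra components ignored) and the "unlisted" result for branches or builds the table does not mention are assumptions of this example.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

Version = Tuple[int, int, int]

@dataclass(frozen=True)
class Branch:
    first: Optional[Version]  # first affected build; None when not range-based
    last: Optional[Version]   # last affected build
    all_versions: bool        # True when the whole branch is affected
    solution: str

# Transcribed from the advisory table; 7.2 carries no affected range.
TABLE = {
    (7, 2): Branch(None, None, False, "Not Applicable"),
    (7, 0): Branch((7, 0, 0), (7, 0, 3), False, "Upgrade to 7.0.4 or above"),
    (5, 3): Branch(None, None, True, "Migrate to a fixed release"),
    (4, 2): Branch((4, 2, 0), (4, 2, 4), False, "Upgrade to 4.2.5 or above"),
    (4, 1): Branch((4, 1, 1), (4, 1, 8), False, "Upgrade to 4.1.9 or above"),
    (4, 0): Branch((4, 0, 0), (4, 0, 2), False, "Upgrade to 4.0.3 or above"),
    (3, 3): Branch((3, 3, 0), (3, 3, 2), False, "Upgrade to 3.3.3 or above"),
    (3, 2): Branch((3, 2, 1), (3, 2, 3), False, "Upgrade to 3.2.4 or above"),
}

def parse_version(text: str) -> Version:
    """Normalise '7.0.3', 'v7.0' or '7.0.3.1' to a (major, minor, patch) tuple.
    Extra components are dropped (assumption); missing ones are treated as 0."""
    parts = text.strip().lstrip("vV").split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable FortiExtender version: {text!r}")
    nums = [int(p) for p in parts[:3]] + [0] * (3 - min(len(parts), 3))
    return (nums[0], nums[1], nums[2])

def assess(text: str) -> Tuple[str, str]:
    """Classify a version as 'affected', 'not affected', 'fixed' or 'unlisted'
    against the table, returning the status and the advisory's solution text."""
    v = parse_version(text)
    branch = TABLE.get(v[:2])
    if branch is None:
        return "unlisted", "branch not covered by this advisory"
    if branch.all_versions:
        return "affected", branch.solution
    if branch.first is None:
        return "not affected", branch.solution
    if branch.first <= v <= branch.last:
        return "affected", branch.solution
    if v > branch.last:
        return "fixed", "above the affected range; no action per this advisory"
    return "unlisted", "below the affected range; not listed in the table"
```

Run `assess()` over an inventory export to separate devices needing the listed upgrade from those already on a fixed build; any "unlisted" result should be checked against the vendor's PSIRT page rather than assumed safe.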
Acknowledgement
Fortinet is pleased to thank Bicking Thomas from TÜV Rheinland i-sec GmbH for reporting this vulnerability under responsible disclosure.
Timeline
2023-07-11: Initial publication