FortiWeb - Path traversal via browse report CGI component


A relative path traversal vulnerability [CWE-23] in FortiWeb may allow an authenticated user to obtain unauthorized access to files and data via specifically crafted web requests.

Affected Products

At least
FortiWeb version 7.0.0 through 7.0.1
FortiWeb 6.2 all versions
FortiWeb 6.4 all versions
FortiWeb 6.3 all versions


Please upgrade to FortiWeb version 7.0.2 or above