FortiWeb - Path traversal in API controller


A relative path traversal vulnerability [CWE-23] in the API of FortiWeb may allow an authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.

Version Affected Solution
FortiWeb 7.0 7.0.0 through 7.0.2 Upgrade to 7.0.3 or above
FortiWeb 6.4 6.4 all versions Migrate to a fixed release
FortiWeb 6.3 6.3.6 through 6.3.20 Upgrade to 6.3.21 or above


Internally discovered and reported by Gwendal Guégniaud of the Fortinet Product Security team.