VYPR
Unrated severityNVD Advisory· Published Apr 6, 2022· Updated Oct 22, 2024

CVE-2021-41026

CVE-2021-41026

Description

A relative path traversal in FortiWeb versions 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow an authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.

Affected products

2
  • Fortinet/Fortiwebllm-fuzzy2 versions
    6.3.0-6.3.15, 6.4.0, 6.4.1+ 1 more
    • (no CPE)range: 6.3.0-6.3.15, 6.4.0, 6.4.1
    • (no CPE)range: FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.