VYPR
Unrated severityCISA KEVNVD Advisory· Published Mar 7, 2023· Updated Oct 21, 2025

CVE-2022-41328

CVE-2022-41328

Description

A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands.

Affected products

2
  • Fortinet/Fortiosllm-fuzzy2 versions
    7.2.0-7.2.3, 7.0.0-7.0.9, <6.4.11+ 1 more
    • (no CPE)range: 7.2.0-7.2.3, 7.0.0-7.0.9, <6.4.11
    • (no CPE)range: 7.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.