VYPR
Unrated severityNVD Advisory· Published Feb 16, 2023· Updated Oct 23, 2024

CVE-2022-41335

CVE-2022-41335

Description

A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests.

Affected products

6
  • Fortinet/Fortiswitchmanagerllm-fuzzy2 versions
    >=7.2.0; <7.0.0+ 1 more
    • (no CPE)range: >=7.2.0; <7.0.0
    • (no CPE)range: 7.2.0
  • Fortinet/Fortiproxyllm-fuzzy2 versions
    >=7.2.0, <=7.2.1; >=7.0.0, <=7.0.7; <2.0.10+ 1 more
    • (no CPE)range: >=7.2.0, <=7.2.1; >=7.0.0, <=7.0.7; <2.0.10
    • (no CPE)range: 7.2.0
  • Fortinet/Fortiosllm-fuzzy2 versions
    >=7.0.0, <=7.0.8; >=7.2.0, <=7.2.2; <6.4.10+ 1 more
    • (no CPE)range: >=7.0.0, <=7.0.8; >=7.2.0, <=7.2.2; <6.4.10
    • (no CPE)range: 7.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.