VYPR
Unrated severityNVD Advisory· Published Mar 7, 2023· Updated Oct 23, 2024

CVE-2022-42476

CVE-2022-42476

Description

A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.11, FortiProxy version 7.2.0 through 7.2.2 and 7.0.0 through 7.0.8 allows privileged VDOM administrators to escalate their privileges to super admin of the box via crafted CLI requests.

Affected products

4
  • Fortinet/Fortiproxyllm-fuzzy2 versions
    7.2.0-7.2.2, 7.0.0-7.0.8+ 1 more
    • (no CPE)range: 7.2.0-7.2.2, 7.0.0-7.0.8
    • (no CPE)range: 7.2.0
  • Fortinet/Fortiosllm-fuzzy2 versions
    7.2.0-7.2.2, 7.0.0-7.0.8, <6.4.11+ 1 more
    • (no CPE)range: 7.2.0-7.2.2, 7.0.0-7.0.8, <6.4.11
    • (no CPE)range: 7.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.