VYPR
Unrated severityNVD Advisory· Published Aug 12, 2025· Updated Jan 14, 2026

CVE-2024-40588

CVE-2024-40588

Description

Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versions, FortiCamera 1.0 all versions, FortiMail 7.6.0 through 7.6.1, FortiMail 7.4.0 through 7.4.3, FortiMail 7.2 all versions, FortiMail 7.0 all versions, FortiMail 6.4 all versions, FortiNDR 7.6.0 through 7.6.1, FortiNDR 7.4.0 through 7.4.6, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions, FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiRecorder 6.4 all versions, FortiVoice 7.0.0 through 7.0.3, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions may allow a privileged attacker to read files from the underlying filesystem via crafted CLI requests.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • Fortinet/FortiCameracpe-rescue2 versions
    cpe:2.3:a:fortinet:forticamera:2.1.4:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:forticamera:2.1.4:*:*:*:*:*:*:*range: 2.1.0
    • (no CPE)range: 2.1 all versions, 2.0.0, 1.1 all versions, 1.0 all versions
  • Fortinet/Fortimailv52 versions
    cpe:2.3:a:fortinet:fortimail:7.6.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortimail:7.6.1:*:*:*:*:*:*:*range: 7.6.0
    • (no CPE)range: 7.6.0 through 7.6.1, 7.4.0 through 7.4.3, 7.2 all versions, 7.0 all versions, 6.4 all versions
  • Fortinet/Fortindrv52 versions
    cpe:2.3:a:fortinet:fortindr:7.6.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortindr:7.6.1:*:*:*:*:*:*:*range: 7.6.0
    • (no CPE)range: 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2 all versions, 7.1 all versions, 7.0 all versions
  • cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:*
    Range: 7.2.0
  • cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*
    Range: 7.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.