VYPR
Medium severity6.5NVD Advisory· Published Apr 14, 2026· Updated May 6, 2026

CVE-2026-22573

CVE-2026-22573

Description

An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5 all versions, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5 all versions, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an authenticated remote attacker to perform path traversal attack via File Content Extraction actions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:fortinet:fortisoar:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortisoar:*:*:*:*:*:*:*:*range: >=7.3.0,<=7.3.3
    • (no CPE)range: 7.3.0 - 7.6.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.