CVE-2024-40588: Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all…

medium4.4CVSS 3.1

AVLACLPRHUINSUCHINAN

Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versions, FortiCamera 1.0 all versions, FortiMail 7.6.0 through 7.6.1, FortiMail 7.4.0 through 7.4.3, FortiMail 7.2 all versions, FortiMail 7.0 all versions, FortiMail 6.4 all versions, FortiNDR 7.6.0 through 7.6.1, FortiNDR 7.4.0 through 7.4.6, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions, FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiRecorder 6.4 all versions, FortiVoice 7.0.0 through 7.0.3, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions may allow a privileged attacker to read files from the underlying filesystem via crafted CLI requests.

Affected

36 ranges· showing 25

Vendor	Product	Version range	Fixed in
fortinet	forticamera	—	—
fortinet	forticamera	—	—
fortinet	forticamera	1.0.3 – 1.0.5	—
fortinet	forticamera	1.1.0 – 1.1.5	—
fortinet	forticamera	2.1.0 – 2.1.4	—
fortinet	forticamera_firmware	2.0.0 – 2.1.4	—
fortinet	forticamerafirmware	—	—
fortinet	fortimail	—	—
fortinet	fortimail	>= 6.4.0 < 7.4.4	7.4.4
fortinet	fortimail	6.4.0 – 6.4.8	—
fortinet	fortimail	7.0.0 – 7.0.9	—
fortinet	fortimail	7.2.0 – 7.2.9	—
fortinet	fortimail	7.4.0 – 7.4.3	—
fortinet	fortimail	>= 7.6.0 < 7.6.2	7.6.2
fortinet	fortimail	7.6.0 – 7.6.1	—
fortinet	fortindr	—	—
fortinet	fortindr	>= 7.0.0 < 7.4.7	7.4.7
fortinet	fortindr	7.0.0 – 7.0.7	—
fortinet	fortindr	7.1.0 – 7.1.1	—
fortinet	fortindr	7.2.0 – 7.2.5	—
fortinet	fortindr	7.4.0 – 7.4.6	—
fortinet	fortindr	>= 7.6.0 < 7.6.2	7.6.2
fortinet	fortindr	7.6.0 – 7.6.1	—
fortinet	fortinet	—	—
fortinet	fortirecorder	—	—