CVE-2024-40588 — Relative Path Traversal in Fortinet Fortimail

CWE-23 — Relative Path Traversal4 documents4 sources

Severity

4.4MEDIUMNVD

EPSS

0.0%

top 92.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Fortinet Fortimail Fortinet Fortindr Fortinet Fortirecorder +3 more

Timeline

PublishedAug 12

Description

Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versions, FortiCamera 1.0 all versions, FortiMail 7.6.0 through 7.6.1, FortiMail 7.4.0 through 7.4.3, FortiMail 7.2 all versions, FortiMail 7.0 all versions, FortiMail 6.4 all versions, FortiNDR 7.6.0 through 7.6.1, FortiNDR 7.4.0 through 7.4.6, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions, FortiRecorder 7.2.0 …

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages10 packages

▶NVDfortinet/fortindr7.0.0 — 7.4.7+1

▶NVDfortinet/fortimail6.4.0 — 7.4.4+1

▶CVEListV5fortinet/fortindr7.6.0 — 7.6.1+4

▶CVEListV5fortinet/fortimail7.6.0 — 7.6.1+4

▶CVEListV5fortinet/forticamera2.1.0 — 2.1.4+3

🔴Vulnerability Details

GHSA

GHSA-hxwc-32r9-7287: Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiMail version 7↗2025-08-12

▶

CVEList

CVE-2024-40588: Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2↗2025-08-12

▶

📋Vendor Advisories

Fortinet

Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 all versions, FortiC...↗2025-08-12

▶