CVE-2024-46664
published 2025-01-14CVE-2024-46664: A relative path traversal in Fortinet FortiRecorder [CWE-23] version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to read files from the…
medium4.9CVSS 3.1
AVNACLPRHUINSUCHINAN
A relative path traversal in Fortinet FortiRecorder [CWE-23] version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to read files from the underlying filesystem via crafted HTTP or HTTPs requests.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet | — | — |
| fortinet | fortirecorder | — | — |
| fortinet | fortirecorder | >= 6.4.0 < 7.0.5 | 7.0.5 |
| fortinet | fortirecorder | 6.4.0 – 6.4.5 | — |
| fortinet | fortirecorder | 7.0.0 – 7.0.4 | — |
| fortinet | fortirecorder | >= 7.2.0 < 7.2.2 | 7.2.2 |
| fortinet | fortirecorder | 7.2.0 – 7.2.1 | — |