CVE-2025-58693
published 2026-01-13CVE-2025-58693: An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0…
medium6.5CVSS 3.1
AVNACLPRHUINSUCNIHAH
An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 allows a privileged attacker to delete files from the underlying filesystem via crafted HTTP or HTTPs requests.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet | — | — |
| fortinet | fortivoice | — | — |
| fortinet | fortivoice | >= 7.0.0 < 7.0.8 | 7.0.8 |
| fortinet | fortivoice | 7.0.0 – 7.0.7 | — |
| fortinet | fortivoice | >= 7.2.0 < 7.2.3 | 7.2.3 |
| fortinet | fortivoice | 7.2.0 – 7.2.2 | — |