CVE-2025-60024
published 2025-12-09CVE-2025-60024: Multiple Improper Limitations of a Pathname to a Restricted Directory ('Path Traversal') vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice 7.2.0…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
Multiple Improper Limitations of a Pathname to a Restricted Directory ('Path Traversal') vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 may allow a privileged authenticated attacker to write arbitrary files via specifically HTTP or HTTPS commands
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet | — | — |
| fortinet | fortivoice | — | — |
| fortinet | fortivoice | >= 7.0.0 < 7.0.8 | 7.0.8 |
| fortinet | fortivoice | 7.0.0 – 7.0.7 | — |
| fortinet | fortivoice | >= 7.2.0 < 7.2.3 | 7.2.3 |
| fortinet | fortivoice | 7.2.0 – 7.2.2 | — |