FortiADC - Path traversal vulnerability in CLI

May 3, 2023, 7 a.m. |

FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com

A relative path traversal vulnerability [CWE-23] in FortiADC may allow a privileged attacker to delete arbitrary directories from the underlying file system via crafted CLI commands.

cli cwe delete file file system fortiadc may path path traversal privileged relative system vulnerability

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories

FortiOS - Web server ETag exposure 2 weeks, 2 days ago | fortiguard.fortinet.com

actor attacker cwe device +17

FortiSandbox - Arbitrary file read on endpoint 2 weeks, 2 days ago | fortiguard.fortinet.com

arbitrary files attacker cwe directory +12

FortiNAC-F - Lack of certificate validation 2 weeks, 2 days ago | fortiguard.fortinet.com

attack attacker certificate channel +12

FortiOS - Format String in CLI command 2 weeks, 2 days ago | fortiguard.fortinet.com

access admin arbitrary code attacker +16

FortiOS & FortiProxy - administrator cookie leakage 2 weeks, 2 days ago | fortiguard.fortinet.com

administrator attacker conditions cookie +10

FortiSandbox - Arbitrary file delete on endpoint 2 weeks, 2 days ago | fortiguard.fortinet.com

arbitrary files attacker cwe delete +13

FortiClientMac - Lack of configuration file validation 2 weeks, 2 days ago | fortiguard.fortinet.com

arbitrary code attacker code configuration +15

FortiManager - Code Injection via Jinja Template 2 weeks, 2 days ago | fortiguard.fortinet.com

arbitrary code attacker code code injection +11

FortiSandbox - Arbitrary file write on CLI leading to arbitrary code execution 2 weeks, 2 days ago | fortiguard.fortinet.com

access admin arbitrary code arbitrary code execution +16

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Cloud Technical Solutions Engineer, Security

@ Google | Mexico City, CDMX, Mexico

View on infosec-jobs.com

Assoc Eng Equipment Engineering

@ GlobalFoundries | SGP - Woodlands

View on infosec-jobs.com

Staff Security Engineer, Cloud Infrastructure

@ Flexport | Bellevue, WA; San Francisco, CA

View on infosec-jobs.com

Software Engineer III, Google Cloud Security and Privacy

@ Google | Sunnyvale, CA, USA

View on infosec-jobs.com

Software Engineering Manager II, Infrastructure, Google Cloud Security and Privacy

@ Google | San Francisco, CA, USA; Sunnyvale, CA, USA

View on infosec-jobs.com

View more jobs

all InfoSec news

FortiADC - Path traversal vulnerability in CLI

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories

Jobs in InfoSec / Cybersecurity

SOC 2 Manager, Audit and Certification

Cloud Technical Solutions Engineer, Security

Assoc Eng Equipment Engineering

Staff Security Engineer, Cloud Infrastructure

Software Engineer III, Google Cloud Security and Privacy

Software Engineering Manager II, Infrastructure, Google Cloud Security and Privacy