CVE-2022-30301

Summary

A path traversal vulnerability [CWE-22] in FortiAP-U CLI 6.2.0 through 6.2.3, 6.0.0 through 6.0.4, 5.4.0 through 5.4.6 may allow an admin user to delete and access unauthorized files and data via specifically crafted CLI commands.

Affected Software

VendorProductVersion RangeStatus
FortinetFortinet FortiAP-UFortiAP-U 6.2.0 through 6.2.3, 6.0.0 through 6.0.4, 5.4.0 through 5.4.6affected

Weaknesses

  • Execute unauthorized code or commands

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References