CVE-2023-44251

Summary

** UNSUPPORTED WHEN ASSIGNED **A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1. through 5.1.2 may allow an authenticated attacker to read and delete arbitrary file of the system via crafted HTTP or HTTPs requests.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiWAN5.2.0 <= 5.2.1affected
FortinetFortiWAN5.1.1 <= 5.1.2affected

Weaknesses

  • CWE-22: Execute unauthorized code or commands

ADP Enrichment

CVE Program Container

Additional References

References