CVE-2024-40588

Summary

Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versions, FortiCamera 1.0 all versions, FortiMail 7.6.0 through 7.6.1, FortiMail 7.4.0 through 7.4.3, FortiMail 7.2 all versions, FortiMail 7.0 all versions, FortiMail 6.4 all versions, FortiNDR 7.6.0 through 7.6.1, FortiNDR 7.4.0 through 7.4.6, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions, FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiRecorder 6.4 all versions, FortiVoice 7.0.0 through 7.0.3, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions may allow a privileged attacker to read files from the underlying filesystem via crafted CLI requests.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiCamera2.1.0 <= 2.1.4affected
FortinetFortiCamera2.0.0affected
FortinetFortiCamera1.1.0 <= 1.1.5affected
FortinetFortiCamera1.0.3 <= 1.0.5affected
FortinetFortiNDR7.6.0 <= 7.6.1affected
FortinetFortiNDR7.4.0 <= 7.4.6affected
FortinetFortiNDR7.2.0 <= 7.2.5affected
FortinetFortiNDR7.1.0 <= 7.1.1affected
FortinetFortiNDR7.0.0 <= 7.0.7affected
FortinetFortiMail7.6.0 <= 7.6.1affected
FortinetFortiMail7.4.0 <= 7.4.3affected
FortinetFortiMail7.2.0 <= 7.2.9affected
FortinetFortiMail7.0.0 <= 7.0.9affected
FortinetFortiMail6.4.0 <= 6.4.8affected
FortinetFortiRecorder7.2.0 <= 7.2.1affected
FortinetFortiRecorder7.0.0 <= 7.0.4affected
FortinetFortiRecorder6.4.0 <= 6.4.6affected
FortinetFortiVoice7.0.0 <= 7.0.3affected
FortinetFortiVoice6.4.0 <= 6.4.9affected
FortinetFortiVoice6.0.0 <= 6.0.12affected

Weaknesses

  • CWE-23: Improper access control

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References