CVE-2025-68649

Summary

An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Cloud 7.4.0 through 7.4.7, FortiAnalyzer Cloud 7.2 all versions, FortiAnalyzer Cloud 7.0 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager Cloud 7.6.0 through 7.6.4, FortiManager Cloud 7.4.0 through 7.4.7, FortiManager Cloud 7.2 all versions, FortiManager Cloud 7.0 all versions may allow a privileged attacker to delete files from the underlying filesystem via crafted CLI requests.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiManager Cloud7.6.2 <= 7.6.4affected
FortinetFortiManager Cloud7.4.1 <= 7.4.7affected
FortinetFortiManager Cloud7.2.1 <= 7.2.12affected
FortinetFortiManager Cloud7.0.1 <= 7.0.16affected
FortinetFortiManager7.6.0 <= 7.6.4affected
FortinetFortiManager7.4.0 <= 7.4.7affected
FortinetFortiManager7.2.0 <= 7.2.12affected
FortinetFortiManager7.0.0 <= 7.0.16affected
FortinetFortiAnalyzer7.6.0 <= 7.6.4affected
FortinetFortiAnalyzer7.4.0 <= 7.4.7affected
FortinetFortiAnalyzer7.2.0 <= 7.2.12affected
FortinetFortiAnalyzer7.0.0 <= 7.0.16affected
FortinetFortiAnalyzer Cloud7.6.2affected
FortinetFortiAnalyzer Cloud7.4.1 <= 7.4.7affected
FortinetFortiAnalyzer Cloud7.2.1 <= 7.2.12affected
FortinetFortiAnalyzer Cloud7.0.1 <= 7.0.16affected

Weaknesses

  • CWE-22: Escalation of privilege

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References