HIGH🇬🇧 English

CVE-2022-30301

CVSS 7.8v3.1pub. 2022-07-19upd. 2024-11-21

A path traversal vulnerability [CWE-22] in FortiAP-U CLI 6.2.0 through 6.2.3, 6.0.0 through 6.0.4, 5.4.0 through 5.4.6 may allow an admin user to delete and access unauthorized files and data via specifically crafted CLI commands.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Fortinet Fortiap U

    APP
    Fortinet
    5.4.05.4.35.4.45.4.55.4.66.2.0 – 6.2.36.0.0 – 6.0.4
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Path Traversal
CWE
Referencje

Powiązane podatności

CVE-2023-36634HIGH7.1ten sam produkt

An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command li...

CVE-2022-29058HIGH7.8ten sam produkt

An improper neutralization of special elements [CWE-89] used in an OS command vulnerability [CWE-78] in the co...

CVE-2025-53680MEDIUM6.7ten sam produkt

An improper neutralization of special elements used in an OS command ("OS Command Injection") vulnerability [C...

CVE-2023-25608MEDIUM5.5ten sam produkt

An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command li...

CVE-2019-15709MEDIUM6.5ten sam produkt

An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI ad...