CVE-2024-36512

Summary

CVE-2024-36512 is a path traversal vulnerability affecting Fortinet FortiManager, FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, and 7.0.2 through 7.0.12, as well as 6.2.10 through 6.2.13. This issue allows attackers to execute unauthorized code or commands by exploiting an improper limitation of a pathname to a restricted directory. The vulnerability can be triggered through crafted HTTP or HTTPS requests. Successful exploitation could result in significant security risks for impacted organizations. It is strongly recommended that affected Fortinet users apply the relevant patches as soon as possible to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.