CVE-2024-47566
CVSS 3.1 Score 5.1 of 10 (medium)
Details
Summary
CVE-2024-47566 is a newly disclosed vulnerability affecting Fortinet FortiRecorder versions 7.2.0 through 7.2.1 and older versions up to 7.0.4. This issue involves an improper limitation of a pathname, also known as path traversal (CWE-23), which allows a privileged attacker to manipulate crafted CLI requests to delete files from the underlying filesystem. This vulnerability poses a significant risk, as it can be exploited to gain unauthorized access and modify critical data. System administrators are strongly advised to update their FortiRecorder installations to the latest patched version to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- FortiRecorder