CVE-2024-48885
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2024-48885 is a path traversal vulnerability affecting several Fortinet products: FortiRecorder versions 7.2.0 through 7.2.1 and 7.0.0 through 7.0.4; FortiWeb versions 7.6.0 and 7.4.0 through 7.4.4; and FortiVoice versions 7.0.0 through 7.0.4, as well as versions 6.4.0 through 6.4.9 and 6.0.0 through 6.0.12. The issue arises from inadequate restriction of user-supplied input, which lets an attacker navigate outside the intended directory. Using specially crafted packets, an attacker can escalate privileges and potentially gain unauthorized access to sensitive information or systems. Users are advised to update their Fortinet software to the latest versions to mitigate this risk.