Vulnerabilities > Fortinet > Fortiextender Firmware > 4.0.2

DATE CVE VULNERABILITY TITLE RISK
2023-07-11 CVE-2022-23447 Path Traversal vulnerability in Fortinet Fortiextender Firmware
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.
network
low complexity
fortinet CWE-22
7.5