Vulnerabilities > Fortinet > Fortirecorder > 6.4.3

DATE CVE VULNERABILITY TITLE RISK
2025-01-14 CVE-2024-46664 Path Traversal vulnerability in Fortinet Fortirecorder
A relative path traversal in Fortinet FortiRecorder [CWE-23] version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to read files from the underlying filesystem via crafted HTTP or HTTPs requests.
network
low complexity
fortinet CWE-22
4.9
4.9
2025-01-14 CVE-2024-47566 Path Traversal vulnerability in Fortinet Fortirecorder
A improper limitation of a pathname to a restricted directory ('path traversal') [CWE-23] in Fortinet FortiRecorder version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to delete files from the underlying filesystem via crafted CLI requests.
local
low complexity
fortinet CWE-22
6.0
6.0
2025-01-14 CVE-2024-56497 OS Command Injection vulnerability in Fortinet Fortimail and Fortirecorder
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiMail versions 7.2.0 through 7.2.4 and 7.0.0 through 7.0.6 and 6.4.0 through 6.4.7, FortiRecorder versions 7.0.0 and 6.4.0 through 6.4.4 allows attacker to execute unauthorized code or commands via the CLI.
local
low complexity
fortinet CWE-78
6.7
6.7