CVE-2022-42474 Information

Description

A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3 version 7.0.0 through 7.0.9 and before 6.4.12 FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7 FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.

Reference

https://fortiguard.com/psirt/FG-IR-22-393