CVE-2023-25606 Information

Description

An improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability [CWE-23] in FortiAnalyzer and FortiManager management interface 7.2.0 through 7.2.1 7.0.0 through 7.0.5 6.4  all versions may allow a remote and authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.

Reference

https://fortiguard.com/psirt/FG-IR-22-471