CVE-2023-37932 Information

Description

An improper limitation of a pathname to a restricted directory (‘path traversal’) vulnerability [CWE-22] in FortiVoiceEntreprise version 7.0.0 and before 6.4.7 allows an authenticated attacker to read arbitrary files from the system via sending crafted HTTP or HTTPS requests

Reference

https://fortiguard.com/psirt/FG-IR-23-219