CVE-2024-40588 Information

Description

Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiMail version 7.6.0 through 7.6.1 and before 7.4.3 FortiVoice version 7.0.0 through 7.0.5 and before 7.4.9 FortiRecorder version 7.2.0 through 7.2.1 and before 7.0.4 FortiCamera & FortiNDR version 7.6.0 and before 7.4.6 may allow a privileged attacker to read files from the underlying filesystem via crafted CLI requests.

Reference

https://fortiguard.fortinet.com/psirt/FG-IR-24-309

Related CNNVD

CNNVD-202508-1252 (Published: 2025-08-12)