CVE-2023-42791

HIGH Year: 2023
CVSS v3 Score
8.8
High
Weakness Type
CWE-23
View all →

Vulnerability Description

A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0.0 through 7.0.8 and 6.4.0 through 6.4.12 and 6.2.0 through 6.2.11 allows attacker to execute unauthorized code or commands via crafted HTTP requests.

Related Vulnerabilities

CVE-2017-0918

HIGH
CVSS:8.8(High)

Gitlab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component resulting in remote code execution.

CWE-232017

CVE-2017-13996

HIGH
CVSS:8.8(High)

A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non administrative users should not hav...

CWE-232017

CVE-2018-14795

HIGH
CVSS:8.8(High)

DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable due to improper path validation which may allow an attacker to replace executable files.

CWE-232018

CVE-2019-11826

HIGH
CVSS:8.8(High)

Relative path traversal vulnerability in SYNO.PhotoTeam.Upload.Item in Synology Moments before 1.3.0-0691 allows remote authenticated users to upload arbitrary files via the name parameter.

CWE-232019

CVE-2019-3976

HIGH
CVSS:8.8(High)

RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via the upgrade package's name field. If an authenticated user installs a m...

CWE-232019

CVE-2020-12026

HIGH
CVSS:8.8(High)

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’...

CWE-232020