CVE-2024-32116

MEDIUM Year: 2024
CVSS v3 Score
6.0
Medium
Weakness Type
CWE-23
View all →

Vulnerability Description

Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData version 7.4.0 and before 7.2.7 allows a privileged attacker to delete files from the underlying filesystem via crafted CLI requests.

Related Vulnerabilities

CVE-2024-20310

MEDIUM
CVSS:6.1(Medium)

A vulnerability in the web-based interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to conduct a cross-site scrip...

CWE-232024

CVE-2023-4914

MEDIUM
CVSS:5.8(Medium)

Relative Path Traversal in GitHub repository cecilapp/cecil prior to 7.47.1.

CWE-232023

CVE-2018-5448

MEDIUM
CVSS:5.7(Medium)

Medtronic 2090 CareLink Programmer’s software deployment network contains a directory traversal vulnerability that could allow an attacker to read files on the system.

CWE-232018

CVE-2020-8865

MEDIUM
CVSS:6.3(Medium)

This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The...

CWE-232020

CVE-2024-10019

MEDIUM
CVSS:6.3(Medium)

A vulnerability in the `start_app_server` function of parisneo/lollms-webui V12 (Strawberry) allows for path traversal and OS command injection. The function does not properly sanitize the `app_name` ...

CWE-232024

CVE-2018-13299

MEDIUM
CVSS:6.5(Medium)

Relative path traversal vulnerability in Attachment Uploader in Synology Calendar before 2.2.2-0532 allows remote authenticated users to upload arbitrary files via the filename parameter.

CWE-232018