CVE-2024-36508

MEDIUM Year: 2024
CVSS v3 Score
6.0
Medium
Weakness Type
CWE-22
View all →

Vulnerability Description

An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 and Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 CLI allows an authenticated admin user with diagnose privileges to delete files on the system.

Related Vulnerabilities

CVE-2016-7116

MEDIUM
CVSS:6.0(Medium)

Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to access host files outside the export path via a .. (dot dot) in an unspecified st...

CWE-222016

CVE-2017-8189

MEDIUM
CVSS:6.0(Medium)

FusionSphere OpenStack V100R006C00SPC102(NFV)has a path traversal vulnerability. Due to insufficient path validation, an attacker with high privilege may exploit this vulnerability to cover some files...

CWE-222017

CVE-2021-21908

MEDIUM
CVSS:6.0(Medium)

Specially-crafted command line arguments can lead to arbitrary file deletion. The handle_delete function does not attempt to sanitize or otherwise validate the contents of the [file] parameter (passed...

CWE-222021

CVE-2021-21909

MEDIUM
CVSS:6.0(Medium)

Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log file delete command. An attacker can provide malicious inputs to trigger this vulnerability

CWE-222021

CVE-2023-33310

MEDIUM
CVSS:6.0(Medium)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Valiano Unite Gallery Lite allows PHP Local File Inclusion.This issue affects Unite Gallery Lite: from n...

CWE-222023

CVE-2024-21753

MEDIUM
CVSS:6.0(Medium)

A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiClientEMS versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.13, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9...

CWE-222024