Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A improper limitation of a pathname to a restricted directory ('path traversal') [CWE-23] in Fortinet FortiRecorder version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to delete files from the underlying filesystem via crafted CLI requests.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Fortinet FortiRecorder 路径遍历漏洞
Vulnerability Description
Fortinet FortiRecorder是美国飞塔(Fortinet)公司的一套基于Web的网络视频录像机管理系统。 Fortinet FortiRecorder存在路径遍历漏洞,该漏洞源于将路径名不正确地限制到受限目录,导致路径遍历漏洞。特权攻击者利用该漏洞可以通过精心设计的CLI请求从底层文件系统中删除文件。
CVSS Information
N/A
Vulnerability Type
N/A