CVE-2024-48885 (GCVE-0-2024-48885)
Vulnerability from cvelistv5 – Published: 2025-01-16 09:01 – Updated: 2026-01-14 14:58
VLAI?
Summary
A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiVoice 7.0.0 through 7.0.4, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions, FortiWeb 7.6.0, FortiWeb 7.4.0 through 7.4.4, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions, FortiWeb 6.4 all versions allows attacker to escalate privilege via specially crafted packets.
Severity ?
CWE
- CWE-22 - Escalation of privilege
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Fortinet | FortiRecorder |
Affected:
7.2.0 , ≤ 7.2.1
(semver)
Affected: 7.0.0 , ≤ 7.0.4 (semver) cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:* |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-48885",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T14:15:57.157206Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T14:58:11.108Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiRecorder",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.1",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.4",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiWeb",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.6.0"
},
{
"lessThanOrEqual": "7.4.4",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.12",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.3",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortivoice:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiVoice",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.4",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.9",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.12",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper limitation of a pathname to a restricted directory (\u0027path traversal\u0027) vulnerability in Fortinet FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiVoice 7.0.0 through 7.0.4, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions, FortiWeb 7.6.0, FortiWeb 7.4.0 through 7.4.4, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions, FortiWeb 6.4 all versions allows attacker to escalate privilege via specially crafted packets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T12:52:51.251Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-259",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-259"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiOS version 7.6.1 or above\nUpgrade to FortiOS version 7.4.5 or above\nUpgrade to FortiOS version 7.2.10 or above\nUpgrade to FortiOS version 7.0.16 or above\nUpgrade to FortiOS version 6.4.16 or above\nUpgrade to FortiRecorder version 7.2.2 or above\nUpgrade to FortiRecorder version 7.0.5 or above\nUpgrade to FortiProxy version 7.4.6 or above\nUpgrade to FortiProxy version 7.2.12 or above\nUpgrade to FortiProxy version 7.0.19 or above\nUpgrade to FortiWeb version 7.6.1 or above\nUpgrade to FortiWeb version 7.4.5 or above\nUpgrade to FortiManager Cloud version 7.4.4 or above\nUpgrade to upcoming FortiAuthenticator version 7.0.0 or above\nUpgrade to FortiManager version 7.6.2 or above\nUpgrade to FortiManager version 7.4.4 or above\nFortinet remediated this issue in FortiSASE version 24.3.c and hence customers do not need to perform any action.\nUpgrade to FortiVoice version 7.2.0 or above\nUpgrade to FortiVoice version 7.0.5 or above\nUpgrade to FortiVoice version 6.4.10 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-48885",
"datePublished": "2025-01-16T09:01:52.958Z",
"dateReserved": "2024-10-09T09:03:09.960Z",
"dateUpdated": "2026-01-14T14:58:11.108Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-48885\",\"sourceIdentifier\":\"psirt@fortinet.com\",\"published\":\"2025-01-16T09:15:06.737\",\"lastModified\":\"2026-01-14T13:16:09.227\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A improper limitation of a pathname to a restricted directory (\u0027path traversal\u0027) vulnerability in Fortinet FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiVoice 7.0.0 through 7.0.4, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions, FortiWeb 7.6.0, FortiWeb 7.4.0 through 7.4.4, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions, FortiWeb 6.4 all versions allows attacker to escalate privilege via specially crafted packets.\"},{\"lang\":\"es\",\"value\":\" Una limitaci\u00f3n incorrecta de una ruta de acceso a un directorio restringido (\\\"path traversal\\\") en Fortinet FortiRecorder versiones 7.2.0 a 7.2.1, 7.0.0 a 7.0.4, FortiWeb versiones 7.6.0, 7.4.0 a 7.4.4, 7.2.0 a 7.2.10, 7.0.0 a 7.0.10, 6.4.0 a 6.4.3, FortiVoice versiones 7.0.0 a 7.0.4, 6.4.0 a 6.4.9, 6.0.0 a 6.0.12 permite a un atacante escalar privilegios a trav\u00e9s de paquetes especialmente manipulados.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.5\",\"matchCriteriaId\":\"CD60BA50-3F98-46BF-97E8-28AB207DE12A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0\",\"versionEndExcluding\":\"7.2.2\",\"matchCriteriaId\":\"C0B0D078-2F52-46B4-B9C0-162447828E1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndIncluding\":\"6.4.10\",\"matchCriteriaId\":\"BBF1E214-4BC5-47E8-BF02-072D6D830BAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndIncluding\":\"7.0.5\",\"matchCriteriaId\":\"5EEE0DFA-DE31-4D26-AC98-6BCED8F008DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.4.0\",\"versionEndExcluding\":\"7.4.5\",\"matchCriteriaId\":\"CDB9CE13-AAF4-418C-BA26-1A0D53C5C1C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28B43375-DA74-4C5F-BAEE-39F312EEF51F\"}]}]}],\"references\":[{\"url\":\"https://fortiguard.fortinet.com/psirt/FG-IR-24-259\",\"source\":\"psirt@fortinet.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-48885\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-16T14:15:57.157206Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-16T14:16:12.266Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:U/RC:C\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:*\"], \"vendor\": \"Fortinet\", \"product\": \"FortiRecorder\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.2.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.2.1\"}, {\"status\": \"affected\", \"version\": \"7.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.4\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.4.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.4.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.4.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.4.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.4.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.2.12:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.2.11:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.2.10:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.2.9:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.2.8:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.2.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.2.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.2.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.2.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.2.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.2.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.0.12:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.0.11:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.0.10:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.0.9:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.0.8:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.0.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.0.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.0.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.0.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.0.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.0.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.0.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:7.0.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:6.4.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:6.4.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:6.4.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortiweb:6.4.0:*:*:*:*:*:*:*\"], \"vendor\": \"Fortinet\", \"product\": \"FortiWeb\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.6.0\"}, {\"status\": \"affected\", \"version\": \"7.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.4.4\"}, {\"status\": \"affected\", \"version\": \"7.2.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.2.12\"}, {\"status\": \"affected\", \"version\": \"7.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.12\"}, {\"status\": \"affected\", \"version\": \"6.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.4.3\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:a:fortinet:fortivoice:7.0.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.4.9:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.0.12:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*\"], \"vendor\": \"Fortinet\", \"product\": \"FortiVoice\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.4\"}, {\"status\": \"affected\", \"version\": \"6.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.4.9\"}, {\"status\": \"affected\", \"version\": \"6.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.0.12\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Upgrade to FortiOS version 7.6.1 or above\\nUpgrade to FortiOS version 7.4.5 or above\\nUpgrade to FortiOS version 7.2.10 or above\\nUpgrade to FortiOS version 7.0.16 or above\\nUpgrade to FortiOS version 6.4.16 or above\\nUpgrade to FortiRecorder version 7.2.2 or above\\nUpgrade to FortiRecorder version 7.0.5 or above\\nUpgrade to FortiProxy version 7.4.6 or above\\nUpgrade to FortiProxy version 7.2.12 or above\\nUpgrade to FortiProxy version 7.0.19 or above\\nUpgrade to FortiWeb version 7.6.1 or above\\nUpgrade to FortiWeb version 7.4.5 or above\\nUpgrade to FortiManager Cloud version 7.4.4 or above\\nUpgrade to upcoming FortiAuthenticator version 7.0.0 or above\\nUpgrade to FortiManager version 7.6.2 or above\\nUpgrade to FortiManager version 7.4.4 or above\\nFortinet remediated this issue in FortiSASE version 24.3.c and hence customers do not need to perform any action.\\nUpgrade to FortiVoice version 7.2.0 or above\\nUpgrade to FortiVoice version 7.0.5 or above\\nUpgrade to FortiVoice version 6.4.10 or above\"}], \"references\": [{\"url\": \"https://fortiguard.fortinet.com/psirt/FG-IR-24-259\", \"name\": \"https://fortiguard.fortinet.com/psirt/FG-IR-24-259\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A improper limitation of a pathname to a restricted directory (\u0027path traversal\u0027) vulnerability in Fortinet FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiVoice 7.0.0 through 7.0.4, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions, FortiWeb 7.6.0, FortiWeb 7.4.0 through 7.4.4, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions, FortiWeb 6.4 all versions allows attacker to escalate privilege via specially crafted packets.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"Escalation of privilege\"}]}], \"providerMetadata\": {\"orgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"shortName\": \"fortinet\", \"dateUpdated\": \"2026-01-14T12:52:51.251Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-48885\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-14T14:58:11.108Z\", \"dateReserved\": \"2024-10-09T09:03:09.960Z\", \"assignerOrgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"datePublished\": \"2025-01-16T09:01:52.958Z\", \"assignerShortName\": \"fortinet\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}