cvelistv5 - cve-2025-60024

CVE-2025-60024 (GCVE-0-2025-60024)

Vulnerability from cvelistv5 – Published: 2025-12-09 17:18 – Updated: 2025-12-10 04:57

Summary

Multiple Improper Limitations of a Pathname to a Restricted Directory ('Path Traversal') vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 may allow a privileged authenticated attacker to write arbitrary files via specifically HTTP or HTTPS commands

Severity ?

7.7 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CWE

CWE-22 - Escalation of privilege

Assigner

fortinet

References

URL

Tags

https://fortiguard.fortinet.com/psirt/FG-IR-25-812

Impacted products

	Vendor	Product	Version
	Fortinet	FortiVoice	Affected: 7.2.0 , ≤ 7.2.2 (semver) Affected: 7.0.0 , ≤ 7.0.7 (semver) cpe:2.3:a:fortinet:fortivoice:7.2.2:::::::* cpe:2.3:a:fortinet:fortivoice:7.2.1:::::::* cpe:2.3:a:fortinet:fortivoice:7.2.0:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.7:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.6:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.5:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.4:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.3:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.2:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.1:::::::* cpe:2.3:a:fortinet:fortivoice:7.0.0:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-60024",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-09T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-10T04:57:31.736Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortivoice:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiVoice",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.2.2",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.7",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Improper Limitations of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 may allow a privileged authenticated attacker to write arbitrary files via specifically HTTP or HTTPS commands"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "Escalation of privilege",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-09T17:18:44.551Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-812",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-812"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to upcoming  FortiVoice version 7.2.3 or above\nUpgrade to FortiVoice version 7.0.8 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2025-60024",
    "datePublished": "2025-12-09T17:18:44.551Z",
    "dateReserved": "2025-09-25T07:32:39.417Z",
    "dateUpdated": "2025-12-10T04:57:31.736Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-60024\",\"sourceIdentifier\":\"psirt@fortinet.com\",\"published\":\"2025-12-09T18:15:55.820\",\"lastModified\":\"2025-12-09T20:25:36.103\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple Improper Limitations of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 may allow a privileged authenticated attacker to write arbitrary files via specifically HTTP or HTTPS commands\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.8\",\"matchCriteriaId\":\"40DCDAF0-5F6C-41E3-B269-2CAD08D18FE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0\",\"versionEndExcluding\":\"7.2.3\",\"matchCriteriaId\":\"9ED85222-4F3D-4B10-91FD-CB476CAF9652\"}]}]}],\"references\":[{\"url\":\"https://fortiguard.fortinet.com/psirt/FG-IR-25-812\",\"source\":\"psirt@fortinet.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-60024\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-09T20:21:40.697710Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-09T20:21:44.502Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:fortinet:fortivoice:7.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:7.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:7.2.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:7.0.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:7.0.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:7.0.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:7.0.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*\"], \"vendor\": \"Fortinet\", \"product\": \"FortiVoice\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.2.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.2.2\"}, {\"status\": \"affected\", \"version\": \"7.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.7\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Upgrade to upcoming  FortiVoice version 7.2.3 or above\\nUpgrade to FortiVoice version 7.0.8 or above\"}], \"references\": [{\"url\": \"https://fortiguard.fortinet.com/psirt/FG-IR-25-812\", \"name\": \"https://fortiguard.fortinet.com/psirt/FG-IR-25-812\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Multiple Improper Limitations of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 may allow a privileged authenticated attacker to write arbitrary files via specifically HTTP or HTTPS commands\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"Escalation of privilege\"}]}], \"providerMetadata\": {\"orgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"shortName\": \"fortinet\", \"dateUpdated\": \"2025-12-09T17:18:44.551Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-60024\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-10T04:57:31.736Z\", \"dateReserved\": \"2025-09-25T07:32:39.417Z\", \"assignerOrgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"datePublished\": \"2025-12-09T17:18:44.551Z\", \"assignerShortName\": \"fortinet\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2025-60024

Vulnerability from fkie_nvd - Published: 2025-12-09 18:15 - Updated: 2025-12-09 20:25

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	psirt@fortinet.com	https://fortiguard.fortinet.com/psirt/FG-IR-25-812	Vendor Advisory

Impacted products

	Vendor	Product	Version
	fortinet	fortivoice	*
	fortinet	fortivoice	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40DCDAF0-5F6C-41E3-B269-2CAD08D18FE0",
              "versionEndExcluding": "7.0.8",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED85222-4F3D-4B10-91FD-CB476CAF9652",
              "versionEndExcluding": "7.2.3",
              "versionStartIncluding": "7.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Improper Limitations of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 may allow a privileged authenticated attacker to write arbitrary files via specifically HTTP or HTTPS commands"
    }
  ],
  "id": "CVE-2025-60024",
  "lastModified": "2025-12-09T20:25:36.103",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "psirt@fortinet.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-12-09T18:15:55.820",
  "references": [
    {
      "source": "psirt@fortinet.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-812"
    }
  ],
  "sourceIdentifier": "psirt@fortinet.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "psirt@fortinet.com",
      "type": "Primary"
    }
  ]
}

CERTFR-2025-AVI-1084

Vulnerability from certfr_avis - Published: 2025-12-10 - Updated: 2025-12-10

De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

L'éditeur précise que la version 24.2 de FortiSandbox Cloud sera publiée ultérieurement.

Impacted products

Vendor	Product	Description
Fortinet	FortiAnalyzer	FortiAnalyzer versions 7.2.x antérieures à 7.2.6
Fortinet	FortiOS	FortiOS versions 7.6.x antérieures à 7.6.4
Fortinet	FortiSOAR	FortiSOAR PaaS versions antérieures à 7.5.2
Fortinet	FortiVoice	FortiVoice versions 7.2.x antérieures à 7.2.3
Fortinet	FortiSOAR	FortiSOAR PaaS versions 7.6.x antérieures à 7.6.3
Fortinet	FortiSOAR	FortiSOAR on-premise versions 7.6.x antérieures à 7.6.3
Fortinet	FortiWeb	FortiWeb versions 7.6.x antérieures à 7.6.6
Fortinet	N/A	FortiExtender versions antérieures à 7.4.8
Fortinet	FortiProxy	FortiProxy versions 7.0.x antérieures à 7.0.22
Fortinet	FortiManager	FortiManager versions 7.4.x antérieures à 7.4.3
Fortinet	FortiManager	FortiManager versions antérieures à 7.2.6
Fortinet	FortiSRA	FortiSRA versions antérieures à 1.5.x
Fortinet	FortiSandbox	FortiSandbox versions 5.0.x antérieures à 5.0.3
Fortinet	FortiPortal	FortiPortal versions antérieures à 7.4.6
Fortinet	FortiProxy	FortiProxy versions 7.2.x antérieures à 7.2.15
Fortinet	FortiSwitch	FortiSwitchManager versions 7.2.x antérieures à 7.2.7
Fortinet	FortiOS	FortiOS versions 7.4.x antérieures à 7.4.9
Fortinet	FortiWeb	FortiWeb versions 7.2.x antérieures à 7.2.12
Fortinet	FortiOS	FortiOS versions 7.2.x antérieures à 7.2.12
Fortinet	FortiAnalyzer	FortiAnalyzer versions 7.4.x antérieures à 7.4.3
Fortinet	FortiWeb	FortiWeb versions 8.0.x antérieures à 8.0.2
Fortinet	FortiSandbox	FortiSandbox Cloud versions antérieures à 24.2
Fortinet	N/A	FortiExtender versions 7.6.x antérieures à 7.6.4
Fortinet	FortiOS	FortiOS versions antérieures à 7.0.18
Fortinet	FortiSASE	FortiSASE versions 24.1.x antérieures à 24.1.c
Fortinet	FortiSandbox	FortiSandbox versions 4.x antérieures à 4.4.8
Fortinet	FortiWeb	FortiWeb versions 7.0.x antérieures à 7.0.12
Fortinet	FortiVoice	FortiVoice versions antérieures à 7.0.8
Fortinet	FortiSOAR	FortiSOAR on-premise versions antérieures à 7.5.2
Fortinet	FortiProxy	FortiProxy versions 7.4.x antérieures à 7.4.11
Fortinet	FortiPAM	FortiPAM versions antérieures à 1.5.x
Fortinet	FortiAuthenticator	FortiAuthenticator versions antérieures à 6.6.7
Fortinet	FortiSwitch	FortiSwitchManager versions 7.0.x antérieures à 7.0.6
Fortinet	FortiProxy	FortiProxy versions 7.6.x antérieures à 7.6.4
Fortinet	FortiWeb	FortiWeb versions 7.4.x antérieures à 7.4.11

References

Title

Publication Time

Tags

Bulletin de sécurité Fortinet FG-IR-25-411	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-479	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-24-268	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-362	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-599	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-24-133	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-616	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-812	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-739	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-984	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-945	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-477	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-647	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-601	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-454	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-032	2025-12-09	vendor-advisory
Bulletin de sécurité Fortinet FG-IR-25-554	2025-12-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "FortiAnalyzer versions 7.2.x ant\u00e9rieures \u00e0 7.2.6",
      "product": {
        "name": "FortiAnalyzer",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiOS versions 7.6.x ant\u00e9rieures \u00e0 7.6.4",
      "product": {
        "name": "FortiOS",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSOAR PaaS versions ant\u00e9rieures \u00e0 7.5.2",
      "product": {
        "name": "FortiSOAR",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiVoice versions 7.2.x ant\u00e9rieures \u00e0 7.2.3",
      "product": {
        "name": "FortiVoice",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSOAR PaaS versions 7.6.x ant\u00e9rieures \u00e0 7.6.3",
      "product": {
        "name": "FortiSOAR",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSOAR on-premise versions 7.6.x ant\u00e9rieures \u00e0 7.6.3",
      "product": {
        "name": "FortiSOAR",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiWeb versions 7.6.x ant\u00e9rieures \u00e0 7.6.6",
      "product": {
        "name": "FortiWeb",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiExtender versions ant\u00e9rieures \u00e0 7.4.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiProxy versions 7.0.x ant\u00e9rieures \u00e0 7.0.22",
      "product": {
        "name": "FortiProxy",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiManager versions 7.4.x ant\u00e9rieures \u00e0 7.4.3",
      "product": {
        "name": "FortiManager",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiManager versions ant\u00e9rieures \u00e0 7.2.6",
      "product": {
        "name": "FortiManager",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSRA versions ant\u00e9rieures \u00e0 1.5.x",
      "product": {
        "name": "FortiSRA",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSandbox versions 5.0.x ant\u00e9rieures \u00e0 5.0.3",
      "product": {
        "name": "FortiSandbox",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiPortal versions ant\u00e9rieures \u00e0 7.4.6",
      "product": {
        "name": "FortiPortal",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiProxy versions 7.2.x ant\u00e9rieures \u00e0 7.2.15",
      "product": {
        "name": "FortiProxy",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSwitchManager versions 7.2.x ant\u00e9rieures \u00e0 7.2.7",
      "product": {
        "name": "FortiSwitch",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiOS versions 7.4.x ant\u00e9rieures \u00e0 7.4.9",
      "product": {
        "name": "FortiOS",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiWeb versions 7.2.x ant\u00e9rieures \u00e0 7.2.12",
      "product": {
        "name": "FortiWeb",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiOS versions 7.2.x ant\u00e9rieures \u00e0 7.2.12",
      "product": {
        "name": "FortiOS",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiAnalyzer versions 7.4.x ant\u00e9rieures \u00e0 7.4.3",
      "product": {
        "name": "FortiAnalyzer",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiWeb versions 8.0.x ant\u00e9rieures \u00e0 8.0.2",
      "product": {
        "name": "FortiWeb",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSandbox Cloud versions ant\u00e9rieures \u00e0 24.2",
      "product": {
        "name": "FortiSandbox",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiExtender versions 7.6.x ant\u00e9rieures \u00e0 7.6.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiOS versions ant\u00e9rieures \u00e0 7.0.18",
      "product": {
        "name": "FortiOS",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSASE versions 24.1.x ant\u00e9rieures \u00e0 24.1.c",
      "product": {
        "name": "FortiSASE",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSandbox versions 4.x ant\u00e9rieures \u00e0 4.4.8",
      "product": {
        "name": "FortiSandbox",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiWeb versions 7.0.x ant\u00e9rieures \u00e0 7.0.12",
      "product": {
        "name": "FortiWeb",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiVoice versions ant\u00e9rieures \u00e0 7.0.8",
      "product": {
        "name": "FortiVoice",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSOAR on-premise versions ant\u00e9rieures \u00e0 7.5.2",
      "product": {
        "name": "FortiSOAR",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiProxy versions 7.4.x ant\u00e9rieures \u00e0 7.4.11",
      "product": {
        "name": "FortiProxy",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiPAM versions ant\u00e9rieures \u00e0 1.5.x",
      "product": {
        "name": "FortiPAM",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiAuthenticator versions ant\u00e9rieures \u00e0 6.6.7",
      "product": {
        "name": "FortiAuthenticator",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiSwitchManager versions 7.0.x ant\u00e9rieures \u00e0 7.0.6",
      "product": {
        "name": "FortiSwitch",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiProxy versions 7.6.x ant\u00e9rieures \u00e0 7.6.4",
      "product": {
        "name": "FortiProxy",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiWeb versions 7.4.x ant\u00e9rieures \u00e0 7.4.11",
      "product": {
        "name": "FortiWeb",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "L\u0027\u00e9diteur pr\u00e9cise que la version 24.2 de FortiSandbox Cloud sera publi\u00e9e ult\u00e9rieurement.",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-60024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-60024"
    },
    {
      "name": "CVE-2025-64153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64153"
    },
    {
      "name": "CVE-2025-57823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-57823"
    },
    {
      "name": "CVE-2024-40593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40593"
    },
    {
      "name": "CVE-2025-53679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53679"
    },
    {
      "name": "CVE-2025-62631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-62631"
    },
    {
      "name": "CVE-2025-54353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-54353"
    },
    {
      "name": "CVE-2025-53949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53949"
    },
    {
      "name": "CVE-2025-59719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59719"
    },
    {
      "name": "CVE-2025-59810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59810"
    },
    {
      "name": "CVE-2025-64471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64471"
    },
    {
      "name": "CVE-2025-64447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64447"
    },
    {
      "name": "CVE-2024-47570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47570"
    },
    {
      "name": "CVE-2025-59808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59808"
    },
    {
      "name": "CVE-2025-54838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-54838"
    },
    {
      "name": "CVE-2025-59923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59923"
    },
    {
      "name": "CVE-2025-64156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64156"
    },
    {
      "name": "CVE-2025-59718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59718"
    }
  ],
  "initial_release_date": "2025-12-10T00:00:00",
  "last_revision_date": "2025-12-10T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1084",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-12-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Injection SQL (SQLi)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Fortinet. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
  "vendor_advisories": [
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-411",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-411"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-479",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-479"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-268",
      "url": "https://www.fortiguard.com/psirt/FG-IR-24-268"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-362",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-362"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-599",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-599"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-133",
      "url": "https://www.fortiguard.com/psirt/FG-IR-24-133"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-616",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-616"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-812",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-812"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-739",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-739"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-984",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-984"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-945",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-945"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-477",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-477"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-647",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-647"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-601",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-601"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-454",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-454"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-032",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-032"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-25-554",
      "url": "https://www.fortiguard.com/psirt/FG-IR-25-554"
    }
  ]
}

GHSA-4XRP-FJ9X-455X

Vulnerability from github – Published: 2025-12-09 18:30 – Updated: 2025-12-09 18:30

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-60024"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-09T18:15:55Z",
    "severity": "HIGH"
  },
  "details": "Multiple Improper Limitations of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 may allow a privileged authenticated attacker to write arbitrary files via specifically HTTP or HTTPS commands",
  "id": "GHSA-4xrp-fj9x-455x",
  "modified": "2025-12-09T18:30:46Z",
  "published": "2025-12-09T18:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-60024"
    },
    {
      "type": "WEB",
      "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-812"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-60024 (GCVE-0-2025-60024)

FKIE_CVE-2025-60024

CERTFR-2025-AVI-1084

Solutions

GHSA-4XRP-FJ9X-455X

Tags

Sightings

Nomenclature