Arbitrary file read on endpoint

Fortiguard Security Advisory

An improper limitation of a pathname to a restricted directory (‘Path Traversal’)┬ávulnerability |CWE-22] in FortiSandbox may allow an authenticated attacker with at least read-only permission to read arbitrary files via crafted http requests.


Leave a Reply

Your email address will not be published. Required fields are marked *