FortiExtender – Path Traversal vulnerability

Fortiguard Security Advisory

An improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability [CWE-22] in FortiExtender management interface may allow an unauthenticated and remote attacker to retrieve¬†arbitrary files from the underlying filesystem via specially crafted web requests.

READ MORE