exploitDog

CVE-2025-60024

Опубликовано: 09 дек. 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Multiple Improper Limitations of a Pathname to a Restricted Directory ('Path Traversal') vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 may allow a privileged authenticated attacker to write arbitrary files via specifically HTTP or HTTPS commands

Ссылки

https://fortiguard.fortinet.com/psirt/FG-IR-25-812
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*

Версия от 7.0.0 (включая) до 7.0.8 (исключая)

cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*

Версия от 7.2.0 (включая) до 7.2.3 (исключая)

EPSS

Процентиль: 20%

0.00063

Низкий

8.8 High

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-4xrp-fj9x-455x

CVSS3: 8.8

github

2 месяца назад

Multiple Improper Limitations of a Pathname to a Restricted Directory ('Path Traversal') vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 may allow a privileged authenticated attacker to write arbitrary files via specifically HTTP or HTTPS commands

EPSS

Процентиль: 20%

0.00063

Низкий

8.8 High

CVSS3

Дефекты

CWE-22