CVE-2024-48885
Published: 16 January 2025
Description
A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiVoice 7.0.0 through 7.0.4, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions, FortiWeb 7.6.0, FortiWeb 7.4.0 through 7.4.4, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions, FortiWeb 6.4 all versions allows attacker to escalate privilege via specially crafted packets.
Security Summary
CVE-2024-48885 is an improper limitation of a pathname to a restricted directory vulnerability, classified under CWE-22 as a path traversal issue. It affects multiple Fortinet products, including FortiRecorder versions 7.2.0 through 7.2.1 and 7.0.0 through 7.0.4; FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, and 6.0 all versions; and FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2 all versions, 7.0 all versions, and 6.4 all versions. The flaw enables privilege escalation through specially crafted packets and carries a CVSS v3.1 base score of 5.3 (AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
Exploitation requires an attacker to have low privileges (PR:L) and involves a network-based attack (AV:N) with high complexity (AC:H) and no user interaction (UI:N). Successful exploitation allows the attacker to escalate privileges, resulting in a high impact on availability (A:H) with no impact on confidentiality or integrity.
Mitigation details are available in the Fortinet PSIRT advisory at https://fortiguard.fortinet.com/psirt/FG-IR-24-259.
Details
- CWE(s)