CVE-2022-41335: Fortiguard

A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests.


**PSIRT Advisories**

FortiOS, FortiProxy & FortiSwitchManager - Arbitrary read/write vulnerability in administrative interface

Summary

A relative path traversal vulnerability [CWE-23] in FortiOS, FortiProxy, and FortiSwitchManager may allow an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP or HTTPS requests.

Affected Products

FortiOS version 7.2.0 through 7.2.2
FortiOS version 7.0.0 through 7.0.8
FortiOS version 6.4.0 through 6.4.10
FortiOS version 6.2.0 through 6.2.12
FortiProxy version 7.2.0 through 7.2.1
FortiProxy version 7.0.0 through 7.0.7
FortiProxy version 2.0.0 through 2.0.10
FortiProxy version 1.2 all versions
FortiProxy version 1.1 all versions
FortiSwitchManager version 7.2.0
FortiSwitchManager version 7.0.0

Solutions

Please upgrade to FortiOS version 7.2.3 or above
Please upgrade to FortiOS version 7.0.9 or above
Please upgrade to FortiOS version 6.4.11 or above
Please upgrade to FortiOS version 6.2.13 or above
Please upgrade to FortiProxy version 7.2.2 or above
Please upgrade to FortiProxy version 7.0.8 or above
Please upgrade to FortiProxy version 2.0.11 or above
Please upgrade to FortiSwitchManager version 7.2.1 or above
Please upgrade to FortiSwitchManager version 7.0.1 or above
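An added example, not Fortinet's code or tooling: a small Python check that encodes the affected and fixed versions listed above so an asset inventory can be screened for devices still on a vulnerable release. It assumes version strings in the dotted form the advisory uses (e.g. 7.0.8) and a hypothetical inventory of (host, product, version) tuples.

```python
# Affected ranges from the advisory's "Affected Products" list, as
# (product, lowest affected, highest affected); a None upper bound means
# every release of that branch (FortiProxy 1.1 and 1.2) is affected.
AFFECTED = [
    ("FortiOS", "7.2.0", "7.2.2"), ("FortiOS", "7.0.0", "7.0.8"),
    ("FortiOS", "6.4.0", "6.4.10"), ("FortiOS", "6.2.0", "6.2.12"),
    ("FortiProxy", "7.2.0", "7.2.1"), ("FortiProxy", "7.0.0", "7.0.7"),
    ("FortiProxy", "2.0.0", "2.0.10"), ("FortiProxy", "1.2", None),
    ("FortiProxy", "1.1", None), ("FortiSwitchManager", "7.2.0", "7.2.0"),
    ("FortiSwitchManager", "7.0.0", "7.0.0"),
]

# First fixed release per major.minor branch, from the "Solutions" list.
FIXED = {
    ("FortiOS", "7.2"): "7.2.3", ("FortiOS", "7.0"): "7.0.9",
    ("FortiOS", "6.4"): "6.4.11", ("FortiOS", "6.2"): "6.2.13",
    ("FortiProxy", "7.2"): "7.2.2", ("FortiProxy", "7.0"): "7.0.8",
    ("FortiProxy", "2.0"): "2.0.11", ("FortiSwitchManager", "7.2"): "7.2.1",
    ("FortiSwitchManager", "7.0"): "7.0.1",
}

def parse_version(v):
    """'6.4.10' -> (6, 4, 10); tuple comparison keeps 6.4.9 < 6.4.10."""
    return tuple(int(p) for p in v.strip().split("."))

def branch(v):
    """'7.0.8' -> '7.0', the release train a fix is keyed on."""
    return ".".join(v.strip().split(".")[:2])

def is_affected(product, version):
    """True when the advisory lists this product/version as vulnerable."""
    ver = parse_version(version)
    for prod, low, high in AFFECTED:
        if prod != product:
            continue
        if high is None:                     # "all versions" of the branch
            if branch(version) == low:
                return True
        elif parse_version(low) <= ver <= parse_version(high):
            return True
    return False

def fixed_version(product, version):
    """First fixed release for the device's branch; None if none is listed."""
    return FIXED.get((product, branch(version)))

def triage(inventory):
    """Hypothetical inventory of (host, product, version): return exposed hosts."""
    return [(h, p, v, fixed_version(p, v)) for h, p, v in inventory if is_affected(p, v)]
```

A FortiProxy 1.x device comes back with no fixed release, matching the advisory, so it needs a branch migration rather than a point upgrade.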

Acknowledgement

Internally discovered and reported by Théo Leleu of the Fortinet Product Security team.
