Vulnerability Details CVE-2024-48885
A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiVoice 7.0.0 through 7.0.4, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions, FortiWeb 7.6.0, FortiWeb 7.4.0 through 7.4.4, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions, FortiWeb 6.4 all versions allows attacker to escalate privilege via specially crafted packets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.9%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2024-48885
-
cpe:2.3:a:fortinet:fortirecorder:7.0.0
-
cpe:2.3:a:fortinet:fortirecorder:7.0.1
-
cpe:2.3:a:fortinet:fortirecorder:7.0.2
-
cpe:2.3:a:fortinet:fortirecorder:7.0.3
-
cpe:2.3:a:fortinet:fortirecorder:7.0.4
-
cpe:2.3:a:fortinet:fortirecorder:7.2.0
-
cpe:2.3:a:fortinet:fortirecorder:7.2.1
-
cpe:2.3:a:fortinet:fortivoice:6.0.0
-
cpe:2.3:a:fortinet:fortivoice:6.0.1
-
cpe:2.3:a:fortinet:fortivoice:6.0.10
-
cpe:2.3:a:fortinet:fortivoice:6.0.11
-
cpe:2.3:a:fortinet:fortivoice:6.0.12
-
cpe:2.3:a:fortinet:fortivoice:6.0.2
-
cpe:2.3:a:fortinet:fortivoice:6.0.3
-
cpe:2.3:a:fortinet:fortivoice:6.0.4
-
cpe:2.3:a:fortinet:fortivoice:6.0.5
-
cpe:2.3:a:fortinet:fortivoice:6.0.6
-
cpe:2.3:a:fortinet:fortivoice:6.0.7
-
cpe:2.3:a:fortinet:fortivoice:6.0.8
-
cpe:2.3:a:fortinet:fortivoice:6.0.9
-
cpe:2.3:a:fortinet:fortivoice:6.4.0
-
cpe:2.3:a:fortinet:fortivoice:6.4.1
-
cpe:2.3:a:fortinet:fortivoice:6.4.10
-
cpe:2.3:a:fortinet:fortivoice:6.4.2
-
cpe:2.3:a:fortinet:fortivoice:6.4.3
-
cpe:2.3:a:fortinet:fortivoice:6.4.4
-
cpe:2.3:a:fortinet:fortivoice:6.4.5
-
cpe:2.3:a:fortinet:fortivoice:6.4.6
-
cpe:2.3:a:fortinet:fortivoice:6.4.7
-
cpe:2.3:a:fortinet:fortivoice:6.4.8
-
cpe:2.3:a:fortinet:fortivoice:6.4.9
-
cpe:2.3:a:fortinet:fortivoice:7.0.0
-
cpe:2.3:a:fortinet:fortivoice:7.0.1
-
cpe:2.3:a:fortinet:fortivoice:7.0.2
-
cpe:2.3:a:fortinet:fortivoice:7.0.3
-
cpe:2.3:a:fortinet:fortivoice:7.0.4
-
cpe:2.3:a:fortinet:fortivoice:7.0.5
-
cpe:2.3:a:fortinet:fortiweb:6.4.0
-
cpe:2.3:a:fortinet:fortiweb:6.4.1
-
cpe:2.3:a:fortinet:fortiweb:6.4.2
-
cpe:2.3:a:fortinet:fortiweb:6.4.3
-
cpe:2.3:a:fortinet:fortiweb:7.0.0
-
cpe:2.3:a:fortinet:fortiweb:7.0.1
-
cpe:2.3:a:fortinet:fortiweb:7.0.10
-
cpe:2.3:a:fortinet:fortiweb:7.0.11
-
cpe:2.3:a:fortinet:fortiweb:7.0.12
-
cpe:2.3:a:fortinet:fortiweb:7.0.2
-
cpe:2.3:a:fortinet:fortiweb:7.0.3
-
cpe:2.3:a:fortinet:fortiweb:7.0.4
-
cpe:2.3:a:fortinet:fortiweb:7.0.5
-
cpe:2.3:a:fortinet:fortiweb:7.0.6
-
cpe:2.3:a:fortinet:fortiweb:7.0.7
-
cpe:2.3:a:fortinet:fortiweb:7.0.8
-
cpe:2.3:a:fortinet:fortiweb:7.0.9
-
cpe:2.3:a:fortinet:fortiweb:7.2.0
-
cpe:2.3:a:fortinet:fortiweb:7.2.1
-
cpe:2.3:a:fortinet:fortiweb:7.2.10
-
cpe:2.3:a:fortinet:fortiweb:7.2.11
-
cpe:2.3:a:fortinet:fortiweb:7.2.12
-
cpe:2.3:a:fortinet:fortiweb:7.2.2
-
cpe:2.3:a:fortinet:fortiweb:7.2.3
-
cpe:2.3:a:fortinet:fortiweb:7.2.4
-
cpe:2.3:a:fortinet:fortiweb:7.2.5
-
cpe:2.3:a:fortinet:fortiweb:7.2.6
-
cpe:2.3:a:fortinet:fortiweb:7.2.7
-
cpe:2.3:a:fortinet:fortiweb:7.2.8
-
cpe:2.3:a:fortinet:fortiweb:7.2.9
-
cpe:2.3:a:fortinet:fortiweb:7.4.0
-
cpe:2.3:a:fortinet:fortiweb:7.4.1
-
cpe:2.3:a:fortinet:fortiweb:7.4.2
-
cpe:2.3:a:fortinet:fortiweb:7.4.3
-
cpe:2.3:a:fortinet:fortiweb:7.4.4
-
cpe:2.3:a:fortinet:fortiweb:7.6.0