Vulnerability Details CVE-2024-48885
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.0%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2024-48885
-
cpe:2.3:a:fortinet:fortirecorder:7.0.0
-
cpe:2.3:a:fortinet:fortirecorder:7.0.1
-
cpe:2.3:a:fortinet:fortirecorder:7.0.2
-
cpe:2.3:a:fortinet:fortirecorder:7.0.3
-
cpe:2.3:a:fortinet:fortirecorder:7.0.4
-
cpe:2.3:a:fortinet:fortirecorder:7.2.0
-
cpe:2.3:a:fortinet:fortirecorder:7.2.1
-
cpe:2.3:a:fortinet:fortivoice:6.0.0
-
cpe:2.3:a:fortinet:fortivoice:6.0.1
-
cpe:2.3:a:fortinet:fortivoice:6.0.10
-
cpe:2.3:a:fortinet:fortivoice:6.0.11
-
cpe:2.3:a:fortinet:fortivoice:6.0.12
-
cpe:2.3:a:fortinet:fortivoice:6.0.2
-
cpe:2.3:a:fortinet:fortivoice:6.0.3
-
cpe:2.3:a:fortinet:fortivoice:6.0.4
-
cpe:2.3:a:fortinet:fortivoice:6.0.5
-
cpe:2.3:a:fortinet:fortivoice:6.0.6
-
cpe:2.3:a:fortinet:fortivoice:6.0.7
-
cpe:2.3:a:fortinet:fortivoice:6.0.8
-
cpe:2.3:a:fortinet:fortivoice:6.0.9
-
cpe:2.3:a:fortinet:fortivoice:6.4.0
-
cpe:2.3:a:fortinet:fortivoice:6.4.1
-
cpe:2.3:a:fortinet:fortivoice:6.4.10
-
cpe:2.3:a:fortinet:fortivoice:6.4.2
-
cpe:2.3:a:fortinet:fortivoice:6.4.3
-
cpe:2.3:a:fortinet:fortivoice:6.4.4
-
cpe:2.3:a:fortinet:fortivoice:6.4.5
-
cpe:2.3:a:fortinet:fortivoice:6.4.6
-
cpe:2.3:a:fortinet:fortivoice:6.4.7
-
cpe:2.3:a:fortinet:fortivoice:6.4.8
-
cpe:2.3:a:fortinet:fortivoice:6.4.9
-
cpe:2.3:a:fortinet:fortivoice:7.0.0
-
cpe:2.3:a:fortinet:fortivoice:7.0.1
-
cpe:2.3:a:fortinet:fortivoice:7.0.2
-
cpe:2.3:a:fortinet:fortivoice:7.0.3
-
cpe:2.3:a:fortinet:fortivoice:7.0.4
-
cpe:2.3:a:fortinet:fortivoice:7.0.5
-
cpe:2.3:a:fortinet:fortiweb:6.4.0
-
cpe:2.3:a:fortinet:fortiweb:6.4.1
-
cpe:2.3:a:fortinet:fortiweb:6.4.2
-
cpe:2.3:a:fortinet:fortiweb:6.4.3
-
cpe:2.3:a:fortinet:fortiweb:7.0.0
-
cpe:2.3:a:fortinet:fortiweb:7.0.1
-
cpe:2.3:a:fortinet:fortiweb:7.0.10
-
cpe:2.3:a:fortinet:fortiweb:7.0.11
-
cpe:2.3:a:fortinet:fortiweb:7.0.2
-
cpe:2.3:a:fortinet:fortiweb:7.0.3
-
cpe:2.3:a:fortinet:fortiweb:7.0.4
-
cpe:2.3:a:fortinet:fortiweb:7.0.5
-
cpe:2.3:a:fortinet:fortiweb:7.0.6
-
cpe:2.3:a:fortinet:fortiweb:7.0.7
-
cpe:2.3:a:fortinet:fortiweb:7.0.8
-
cpe:2.3:a:fortinet:fortiweb:7.0.9
-
cpe:2.3:a:fortinet:fortiweb:7.2.0
-
cpe:2.3:a:fortinet:fortiweb:7.2.1
-
cpe:2.3:a:fortinet:fortiweb:7.2.10
-
cpe:2.3:a:fortinet:fortiweb:7.2.11
-
cpe:2.3:a:fortinet:fortiweb:7.2.2
-
cpe:2.3:a:fortinet:fortiweb:7.2.3
-
cpe:2.3:a:fortinet:fortiweb:7.2.4
-
cpe:2.3:a:fortinet:fortiweb:7.2.5
-
cpe:2.3:a:fortinet:fortiweb:7.2.6
-
cpe:2.3:a:fortinet:fortiweb:7.2.7
-
cpe:2.3:a:fortinet:fortiweb:7.2.8
-
cpe:2.3:a:fortinet:fortiweb:7.2.9
-
cpe:2.3:a:fortinet:fortiweb:7.4.0
-
cpe:2.3:a:fortinet:fortiweb:7.4.1
-
cpe:2.3:a:fortinet:fortiweb:7.4.2
-
cpe:2.3:a:fortinet:fortiweb:7.4.3
-
cpe:2.3:a:fortinet:fortiweb:7.4.4
-
cpe:2.3:a:fortinet:fortiweb:7.6.0