Vulnerability Details CVE-2024-48885
A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiVoice 7.0.0 through 7.0.4, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions, FortiWeb 7.6.0, FortiWeb 7.4.0 through 7.4.4, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions, FortiWeb 6.4 all versions allows attacker to escalate privilege via specially crafted packets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.6%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2024-48885
-
cpe:2.3:a:fortinet:fortirecorder:7.0.0
-
cpe:2.3:a:fortinet:fortirecorder:7.0.1
-
cpe:2.3:a:fortinet:fortirecorder:7.0.2
-
cpe:2.3:a:fortinet:fortirecorder:7.0.3
-
cpe:2.3:a:fortinet:fortirecorder:7.0.4
-
cpe:2.3:a:fortinet:fortirecorder:7.2.0
-
cpe:2.3:a:fortinet:fortirecorder:7.2.1
-
cpe:2.3:a:fortinet:fortivoice:6.0.0
-
cpe:2.3:a:fortinet:fortivoice:6.0.1
-
cpe:2.3:a:fortinet:fortivoice:6.0.10
-
cpe:2.3:a:fortinet:fortivoice:6.0.11
-
cpe:2.3:a:fortinet:fortivoice:6.0.12
-
cpe:2.3:a:fortinet:fortivoice:6.0.2
-
cpe:2.3:a:fortinet:fortivoice:6.0.3
-
cpe:2.3:a:fortinet:fortivoice:6.0.4
-
cpe:2.3:a:fortinet:fortivoice:6.0.5
-
cpe:2.3:a:fortinet:fortivoice:6.0.6
-
cpe:2.3:a:fortinet:fortivoice:6.0.7
-
cpe:2.3:a:fortinet:fortivoice:6.0.8
-
cpe:2.3:a:fortinet:fortivoice:6.0.9
-
cpe:2.3:a:fortinet:fortivoice:6.4.0
-
cpe:2.3:a:fortinet:fortivoice:6.4.1
-
cpe:2.3:a:fortinet:fortivoice:6.4.10
-
cpe:2.3:a:fortinet:fortivoice:6.4.2
-
cpe:2.3:a:fortinet:fortivoice:6.4.3
-
cpe:2.3:a:fortinet:fortivoice:6.4.4
-
cpe:2.3:a:fortinet:fortivoice:6.4.5
-
cpe:2.3:a:fortinet:fortivoice:6.4.6
-
cpe:2.3:a:fortinet:fortivoice:6.4.7
-
cpe:2.3:a:fortinet:fortivoice:6.4.8
-
cpe:2.3:a:fortinet:fortivoice:6.4.9
-
cpe:2.3:a:fortinet:fortivoice:7.0.0
-
cpe:2.3:a:fortinet:fortivoice:7.0.1
-
cpe:2.3:a:fortinet:fortivoice:7.0.2
-
cpe:2.3:a:fortinet:fortivoice:7.0.3
-
cpe:2.3:a:fortinet:fortivoice:7.0.4
-
cpe:2.3:a:fortinet:fortivoice:7.0.5
-
cpe:2.3:a:fortinet:fortiweb:6.4.0
-
cpe:2.3:a:fortinet:fortiweb:6.4.1
-
cpe:2.3:a:fortinet:fortiweb:6.4.2
-
cpe:2.3:a:fortinet:fortiweb:6.4.3
-
cpe:2.3:a:fortinet:fortiweb:7.0.0
-
cpe:2.3:a:fortinet:fortiweb:7.0.1
-
cpe:2.3:a:fortinet:fortiweb:7.0.10
-
cpe:2.3:a:fortinet:fortiweb:7.0.11
-
cpe:2.3:a:fortinet:fortiweb:7.0.12
-
cpe:2.3:a:fortinet:fortiweb:7.0.2
-
cpe:2.3:a:fortinet:fortiweb:7.0.3
-
cpe:2.3:a:fortinet:fortiweb:7.0.4
-
cpe:2.3:a:fortinet:fortiweb:7.0.5
-
cpe:2.3:a:fortinet:fortiweb:7.0.6
-
cpe:2.3:a:fortinet:fortiweb:7.0.7
-
cpe:2.3:a:fortinet:fortiweb:7.0.8
-
cpe:2.3:a:fortinet:fortiweb:7.0.9
-
cpe:2.3:a:fortinet:fortiweb:7.2.0
-
cpe:2.3:a:fortinet:fortiweb:7.2.1
-
cpe:2.3:a:fortinet:fortiweb:7.2.10
-
cpe:2.3:a:fortinet:fortiweb:7.2.11
-
cpe:2.3:a:fortinet:fortiweb:7.2.12
-
cpe:2.3:a:fortinet:fortiweb:7.2.2
-
cpe:2.3:a:fortinet:fortiweb:7.2.3
-
cpe:2.3:a:fortinet:fortiweb:7.2.4
-
cpe:2.3:a:fortinet:fortiweb:7.2.5
-
cpe:2.3:a:fortinet:fortiweb:7.2.6
-
cpe:2.3:a:fortinet:fortiweb:7.2.7
-
cpe:2.3:a:fortinet:fortiweb:7.2.8
-
cpe:2.3:a:fortinet:fortiweb:7.2.9
-
cpe:2.3:a:fortinet:fortiweb:7.4.0
-
cpe:2.3:a:fortinet:fortiweb:7.4.1
-
cpe:2.3:a:fortinet:fortiweb:7.4.2
-
cpe:2.3:a:fortinet:fortiweb:7.4.3
-
cpe:2.3:a:fortinet:fortiweb:7.4.4
-
cpe:2.3:a:fortinet:fortiweb:7.6.0