A relative path traversal in Fortinet FortiRecorder [CWE-23] version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to read files from the underlying filesystem via crafted HTTP or HTTPs requests.

Related CVEs

CVE-2024-46664

Key Information

GHSA ID

GHSA-xx9m-2fc7-mhx8

Published

January 14, 2025 3:30 PM

Last Modified

January 14, 2025 3:30 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 18, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.