FortiExtender - Path Traversal vulnerability


An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in the FortiExtender management interface may allow an unauthenticated, remote attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.
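The advisory names the weakness class (CWE-22) but, as is normal for a vendor advisory, gives no detail on the affected handler. The following is an added illustration of the check that a web handler mapping URL paths onto files needs in order to avoid this class of bug; it is example code written for this page, not FortiExtender code, and it makes no claim about how the product's management interface is implemented. The web root `/var/www` and the request paths are constructed inputs.

```python
import posixpath
from urllib.parse import unquote


class PathTraversalError(ValueError):
    """Raised when a request path would resolve outside the web root."""


def safe_join(web_root: str, request_path: str) -> str:
    """Map a URL path onto a file under web_root, refusing anything that escapes it.

    The order matters: decode first, then normalize, then check containment.
    Checking for '../' before decoding misses %2e%2e%2f; normalizing before
    decoding misses the same thing in the other direction.
    """
    # Decode percent-encoding exactly once. Decoding in a loop would turn
    # %252e%252e into "..", so a single pass is the rule; anything still
    # encoded after one pass is treated as literal filename characters.
    decoded = unquote(request_path)

    # A NUL byte lets a C-level open() see a shorter name than the checks did.
    if "\x00" in decoded:
        raise PathTraversalError("NUL byte in request path")

    # Treat backslashes as separators: some servers do, and an attacker will
    # try ..\ when ../ is filtered.
    decoded = decoded.replace("\\", "/")

    # Work on a relative path and collapse "." and ".." lexically. After
    # normpath, any remaining leading ".." means the path climbs above the
    # root, which is exactly the condition to reject.
    rel = posixpath.normpath(decoded.lstrip("/"))
    if rel == ".." or rel.startswith("../"):
        raise PathTraversalError(f"path escapes web root: {request_path!r}")

    root = posixpath.normpath(web_root)
    candidate = root if rel == "." else posixpath.join(root, rel)

    # Belt and braces: the final path must share the root as its prefix.
    if posixpath.commonpath([root, candidate]) != root:
        raise PathTraversalError(f"path escapes web root: {request_path!r}")
    return candidate


def check(web_root: str, request_path: str):
    """Return the resolved filesystem path, or None when the request is rejected."""
    try:
        return safe_join(web_root, request_path)
    except PathTraversalError:
        return None


if __name__ == "__main__":
    # Constructed probes of the kind a scanner sends against a file-serving handler.
    probes = [
        "/index.html",
        "/css/../index.html",
        "/../../etc/passwd",
        "/..%2f..%2fetc/passwd",
        "/%2e%2e/%2e%2e/etc/passwd",
        "/..\\..\\etc\\passwd",
        "/%252e%252e/etc/passwd",
        "/index.html%00.png",
    ]
    for p in probes:
        print(f"{p!r:32} -> {check('/var/www', p)}")
```

This check is purely lexical; if the web root can contain symlinks, resolve the candidate with `os.path.realpath` and repeat the containment test on the result, since a symlink inside the root can point anywhere. Note also that the double-encoded probe `%252e%252e` is accepted and mapped to a file literally named `%2e%2e` under the root, which is the correct outcome for a single-decode policy.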

Version             Affected                 Solution
FortiExtender 7.2   Not affected             Upgrade to 7.2.0 or above
FortiExtender 7.0   7.0.0 through 7.0.3      Upgrade to 7.0.4 or above
FortiExtender 5.3   5.3 all versions         Migrate to a fixed release
FortiExtender 4.2   4.2.0 through 4.2.4      Upgrade to 4.2.5 or above
FortiExtender 4.1   4.1.1 through 4.1.8      Upgrade to 4.1.9 or above
FortiExtender 4.0   4.0.0 through 4.0.2      Upgrade to 4.0.3 or above
FortiExtender 3.3   3.3.0 through 3.3.2      Upgrade to 3.3.3 or above
FortiExtender 3.2   3.2.1 through 3.2.3      Upgrade to 3.2.4 or above


Fortinet is pleased to thank Bicking Thomas from TÜV Rheinland i-sec GmbH for reporting this vulnerability under responsible disclosure.


2023-07-07: Initial publication