Path traversal vulnerability Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-21-213 Final 1 1 2022-07-05T00:00:00 Current version 2022-07-05T00:00:00 2022-07-05T00:00:00 Multiple relative path traversal vulnerabilities [CWE-23] in FortiDeceptor management interface may allow a remote and authenticated attacker to retrieve and delete arbitrary files from the underlying filesystem via specially crafted web requests. None Information disclosure FortiDeceptor version 1.0.0 through 1.0.1FortiDeceptor version 1.1.0FortiDeceptor version 2.0.0FortiDeceptor version 2.1.0FortiDeceptor version 3.0.0 through 3.0.2FortiDeceptor version 3.1.0 through 3.1.1FortiDeceptor version 3.2.0 through 3.2.2FortiDeceptor version 3.3.0 through 3.3.2FortiDeceptor version 4.0.0 through 4.0.1 Please upgrade to FortiDeceptor version 4.1.0 or above Please upgrade to FortiDeceptor version 4.0.2 or above Please upgrade to FortiDeceptor version 3.3.3 or above Internally discovered and reported by Wilfried Djettchou of Fortinet Product Security team. CVE-2022-30302 7.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:F/RL:U/RC:C https://fortiguard.fortinet.com/psirt/FG-IR-21-213 Path traversal vulnerability Reference>