Path traversal in upload message Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-24-552 Final 1 1 2025-05-13T00:00:00 Current version 2025-05-13T00:00:00 2025-05-13T00:00:00 A Relative Path Traversal vulnerability [CWE-23] in FortiClientEMS may allow a remote unauthenticated attacker to perform a limited arbitrary file write on the system via upload requests. None Execute unauthorized code or commands None Fortinet is pleased to thank Yaniv Nizry from Sonar for reporting this vulnerability under responsible disclosure. FortiClientEMS 7.4.1 FortiClientEMS 7.4.0 FortiClientEMS Cloud 7.4.1 FortiClientEMS Cloud 7.4.0 CVE-2025-22859 FortiClientEMS-7.4.1 FortiClientEMS-7.4.0 FortiClientEMS Cloud-7.4.1 FortiClientEMS Cloud-7.4.0 5.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C https://fortiguard.fortinet.com/psirt/FG-IR-24-552 Path traversal in upload message Reference>