Security Advisory

CVE-2025-25254

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-08 14:02:44

Last updated 2026-02-26 18:28:41

Assigner fortinet

State PUBLISHED

Description

An Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability [CWE-22] in FortiWeb version 7.6.2 and below, version 7.4.6 and below, 7.2 all versions, 7.0 all versions endpoint may allow an authenticated admin to access and modify the filesystem via crafted requests.

← Browse all CVEs View on cve.org ↗