APP: Fortinet Multiple Products csfd Directory Traversal
This signature detects attempts to exploit a known vulnerability against Fortinet Multiple Products. A successful attack can lead to directory traversal and arbitrary code execution.
Extended Description
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, 7.2.0 through 7.2.11, 7.0.0 through 7.0.18, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to trigger an escalation of privilege via specially crafted packets.
Affected Products
Fortinet fortiproxy
Short Name
APP:FORTINET-MUL-PTS-DT
Severity
Major
Recommended
True
Recommended Action
Drop
Category
APP
Keywords
CVE-2024-48884 CVE-2024-48885 Directory Fortinet Multiple Products Traversal csfd
Release Date
04/08/2025
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
Sigpack Version
3797
Port
TCP/8013
False Positive
Unknown
Vendors
Fortinet