What is the severity of FG-IR-24-259?

The severity of FG-IR-24-259 is considered high as it involves path traversal vulnerabilities that can allow remote attackers to access restricted directories.

How do I fix FG-IR-24-259?

To fix FG-IR-24-259, update affected Fortinet products to the recommended versions listed in the advisory.

Which versions are affected by FG-IR-24-259?

Versions of FortiManager, FortiOS, FortiProxy, FortiRecorder, FortiVoice, and FortiWeb prior to the mentioned remediation versions are affected by FG-IR-24-259.

Can FG-IR-24-259 be exploited remotely?

Yes, FG-IR-24-259 can be exploited by remote authenticated attackers with access to the security fabric interface.

Is authentication required to exploit FG-IR-24-259?

Yes, the exploit for FG-IR-24-259 requires the attacker to be authenticated.

Vulnerability/
FG-IR-24-259

high

7.1

CWE

14/1/2025

16/1/2025

FG-IR-24-259: Path traversal in csfd daemon

First published: Tue Jan 14 2025(Updated: )

An improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in FortiManager, FortiOS, FortiProxy, FortiRecorder, FortiVoice and FortiWeb may allow a remote authenticated attacker with access to the security fabric interface and port to write arbitrary files and a remote unauthenticated attacker with the same network access to delete an arbitrary folder.

Affected Software	Affected Version	How to fix
Fortinet FortiManager	>=7.6.0<=7.6.1
Fortinet FortiManager	>=7.4.1<=7.4.3
Fortinet FortiManager Cloud	>=7.4.1<=7.4.3
Fortinet FortiOS IPS Engine	=.
Fortinet FortiOS IPS Engine	>=7.4.0<=7.4.4
Fortinet FortiOS IPS Engine	>=7.2.0<=7.2.9
Fortinet FortiOS IPS Engine	>=7.0.0<=7.0.15
Fortinet FortiOS IPS Engine	>=6.4
Fortinet FortiProxy	>=7.4.0<=7.4.5
Fortinet FortiProxy	>=7.2.0<=7.2.11
Fortinet FortiProxy	>=7.0.0<=7.0.18
Fortinet FortiProxy	>=2.0
Fortinet FortiProxy	>=1.2
Fortinet FortiProxy	>=1.1
Fortinet FortiProxy	>=1.0
Fortinet FortiRecorder 400D	>=7.2.0<=7.2.1
Fortinet FortiRecorder 400D	>=7.0.0<=7.0.4
Fortinet FortiVoice Enterprise	>=7.0.0<=7.0.4
Fortinet FortiVoice Enterprise	>=6.4.0<=6.4.9
Fortinet FortiVoice Enterprise	>=6.0
Fortinet FortiWeb	=.
Fortinet FortiWeb	>=7.4.0<=7.4.4
Fortinet FortiWeb	>=7.2
Fortinet FortiWeb	>=7.0
Fortinet FortiWeb	>=6.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of FG-IR-24-259?
The severity of FG-IR-24-259 is considered high as it involves path traversal vulnerabilities that can allow remote attackers to access restricted directories.
How do I fix FG-IR-24-259?
To fix FG-IR-24-259, update affected Fortinet products to the recommended versions listed in the advisory.
Which versions are affected by FG-IR-24-259?
Versions of FortiManager, FortiOS, FortiProxy, FortiRecorder, FortiVoice, and FortiWeb prior to the mentioned remediation versions are affected by FG-IR-24-259.
Can FG-IR-24-259 be exploited remotely?
Yes, FG-IR-24-259 can be exploited by remote authenticated attackers with access to the security fabric interface.
Is authentication required to exploit FG-IR-24-259?
Yes, the exploit for FG-IR-24-259 requires the attacker to be authenticated.

collector/fortiguard-psirt-latest
source/FortiGuard
alias/CVE-2024-48884
agent/type
agent/severity
agent/last-modified-date
agent/references
agent/title
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/fortiguard-psirt
alias/CVE-2024-48885
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/fortinet
canonical/fortinet fortimanager
version/fortinet fortimanager/7.6.0
version/fortinet fortimanager/7.6.1
version/fortinet fortimanager/7.4.1
version/fortinet fortimanager/7.4.3
canonical/fortinet fortimanager cloud
version/fortinet fortimanager cloud/7.4.1
version/fortinet fortimanager cloud/7.4.3
canonical/fortinet fortios ips engine
version/fortinet fortios ips engine/.
version/fortinet fortios ips engine/7.4.0
version/fortinet fortios ips engine/7.4.4
version/fortinet fortios ips engine/7.2.0
version/fortinet fortios ips engine/7.2.9
version/fortinet fortios ips engine/7.0.0
version/fortinet fortios ips engine/7.0.15
version/fortinet fortios ips engine/6.4
canonical/fortinet fortiproxy
version/fortinet fortiproxy/7.4.0
version/fortinet fortiproxy/7.4.5
version/fortinet fortiproxy/7.2.0
version/fortinet fortiproxy/7.2.11
version/fortinet fortiproxy/7.0.0
version/fortinet fortiproxy/7.0.18
version/fortinet fortiproxy/2.0
version/fortinet fortiproxy/1.2
version/fortinet fortiproxy/1.1
version/fortinet fortiproxy/1.0
canonical/fortinet fortirecorder 400d
version/fortinet fortirecorder 400d/7.2.0
version/fortinet fortirecorder 400d/7.2.1
version/fortinet fortirecorder 400d/7.0.0
version/fortinet fortirecorder 400d/7.0.4
canonical/fortinet fortivoice enterprise
version/fortinet fortivoice enterprise/7.0.0
version/fortinet fortivoice enterprise/7.0.4
version/fortinet fortivoice enterprise/6.4.0
version/fortinet fortivoice enterprise/6.4.9
version/fortinet fortivoice enterprise/6.0
canonical/fortinet fortiweb
version/fortinet fortiweb/.
version/fortinet fortiweb/7.4.0
version/fortinet fortiweb/7.4.4
version/fortinet fortiweb/7.2
version/fortinet fortiweb/7.0
version/fortinet fortiweb/6.4