CVE-2022-41328 — Fortinet FortiOS Path Traversal Vulnerability
2023-03-14 • CISA Known Exploited Vulnerability
[event] Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Fortinet |
| Product | FortiOS |
| CWE | CWE-22 |
| CVE ID | CVE-2022-41328 |
| Date Added | 2023-03-14 |
| Due Date | 2023-04-04 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2023-04-04