An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.10 through 6.2.13 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.
Please upgrade to FortiManager version 7.6.0 or above
Please upgrade to FortiManager version 7.4.4 or above
Please upgrade to FortiManager version 7.2.6 or above
Please upgrade to FortiManager version 7.0.13 or above
Please upgrade to FortiAnalyzer version 7.6.0 or above
Please upgrade to FortiAnalyzer version 7.4.4 or above
Please upgrade to FortiAnalyzer version 7.2.6 or above
Please upgrade to FortiAnalyzer version 7.0.13 or above