Plattform
fortinet
Komponente
fortiproxy
Behoben in
7.4.6
7.2.12
7.0.19
2.0.15
1.2.14
1.1.7
1.0.8
7.4.4
7.6.2
7.4.4
7.6.1
7.4.5
7.2.10
7.0.16
6.4.16
CVE-2024-48884 describes a path traversal vulnerability discovered in FortiProxy. This flaw allows a remote, authenticated attacker to potentially access sensitive files on the system. The vulnerability impacts FortiProxy versions 1.0.0 through 7.6.1, as well as several FortiManager and FortiOS versions. A patch is available from Fortinet to address this issue.
Successful exploitation of CVE-2024-48884 could allow an attacker to read arbitrary files on the FortiProxy appliance. This includes configuration files, potentially containing credentials, or other sensitive data. The impact is amplified if the FortiProxy is used as a reverse proxy for internal resources, as the attacker could potentially gain access to backend systems. While authentication is required, a compromised user account or a vulnerability in the authentication mechanism could be leveraged to exploit this path traversal. The blast radius extends to any data accessible by the FortiProxy process, potentially exposing internal network resources.
This vulnerability is actively being tracked and is listed on the CISA KEV catalog. Public proof-of-concept exploits are not yet widely available, but the path traversal nature of the vulnerability suggests a relatively low barrier to entry for exploitation. The vulnerability's presence in multiple Fortinet products increases the potential attack surface. The published date of 2025-01-14 indicates a recent disclosure.
Organizations using FortiProxy in environments with weak authentication or exposed to external networks are particularly at risk. Shared hosting environments where multiple users share a single FortiProxy instance are also vulnerable, as a compromise of one user's account could potentially lead to access for other users. Legacy FortiProxy deployments running older, unpatched versions are especially susceptible.
• fortinet: Monitor FortiProxy logs for unusual file access attempts or requests containing directory traversal sequences (e.g., ../).
• linux / server: Use lsof to identify processes accessing unexpected files or directories. Example:
lsof | grep /path/to/sensitive/file• generic web: Use curl to test for path traversal vulnerabilities by appending directory traversal sequences to URLs. Example:
curl 'http://fortiproxy/../../../../etc/passwd'• windows: Use PowerShell to check for suspicious processes or scheduled tasks that might be exploiting the vulnerability. Example:
Get-Process | Where-Object {$_.ProcessName -like '*suspicious*'}disclosure
Exploit-Status
EPSS
39.29% (97% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2024-48884 is to upgrade to a patched version of FortiProxy. Fortinet has released updates to address this vulnerability. If immediate patching is not possible, consider implementing a Web Application Firewall (WAF) with rules to restrict access to sensitive files and directories. Specifically, configure the WAF to block requests containing path traversal sequences (e.g., ../). Additionally, review and strengthen authentication mechanisms to prevent unauthorized access to the FortiProxy appliance. After upgrade, confirm by attempting to access a restricted file via the web interface and verifying that access is denied.
Actualice FortiProxy a una versión corregida. Consulte el advisory de Fortinet para obtener más detalles sobre las versiones corregidas y las instrucciones de actualización.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2024-48884 is a path traversal vulnerability affecting FortiProxy versions 1.0.0–7.6.1, allowing authenticated attackers to access sensitive files.
If you are running FortiProxy versions 1.0.0 through 7.6.1, you are potentially affected by this vulnerability. Check your version and apply the available patch.
Upgrade FortiProxy to a patched version as soon as possible. Refer to the Fortinet advisory for specific version details and upgrade instructions.
While no active exploitation has been confirmed, the ease of path traversal exploitation suggests it is likely to be targeted by attackers.
Refer to the official Fortinet security advisory for detailed information and mitigation steps: [https://www.fortinet.com/security/advisory/fortinet-security-advisory/CVE-2024-48884](https://www.fortinet.com/security/advisory/fortinet-security-advisory/CVE-2024-48884)
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.