Platform
fortinet
Component
fortiproxy
Fixed in
7.4.6
7.2.12
7.0.19
2.0.15
1.2.14
1.1.7
1.0.8
7.4.4
7.6.2
7.4.4
7.6.1
7.4.5
7.2.10
7.0.16
6.4.16
CVE-2024-48884 describes a path traversal vulnerability discovered in FortiProxy. This flaw allows a remote, authenticated attacker to potentially access sensitive files on the system. The vulnerability impacts FortiProxy versions 1.0.0 through 7.6.1, as well as several FortiManager and FortiOS versions. A patch is available from Fortinet to address this issue.
Successful exploitation of CVE-2024-48884 allows a remote, authenticated attacker to bypass intended access controls and read arbitrary files on the FortiProxy appliance. This could include configuration files, sensitive data, or even system files, depending on the attacker's privileges and the system's configuration. The potential impact ranges from information disclosure to complete system compromise, enabling attackers to modify configurations, escalate privileges, or launch further attacks against internal networks. While requiring authentication, the ease of traversal makes it a significant risk, particularly in environments with weak password policies or compromised user accounts.
CVE-2024-48884 is currently not listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, but the path traversal nature of the vulnerability suggests a relatively low barrier to entry for exploitation. The vulnerability was publicly disclosed on 2025-01-14. Given the ease of path traversal exploitation, it is reasonable to expect that attackers will actively target vulnerable systems.
Exploit Status
EPSS
39.29% (97% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-48884 is to upgrade FortiProxy to a patched version. Fortinet has released updates to address this vulnerability. If immediate patching is not possible due to compatibility concerns or testing requirements, consider implementing temporary workarounds. These may include restricting access to the vulnerable endpoint, implementing stricter authentication controls, and reviewing file permissions to limit the potential impact of a successful exploit. Web application firewalls (WAFs) configured to detect and block path traversal attempts can also provide an additional layer of defense. After upgrade, confirm the vulnerability is resolved by attempting a path traversal request and verifying that access is denied.
Update FortiProxy to a patched version. See the Fortinet advisory for details on patched versions and upgrade instructions.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-48884 is a path traversal vulnerability affecting FortiProxy versions 1.0.0–7.6.1, allowing authenticated attackers to access sensitive files.
If you are running FortiProxy versions 1.0.0 through 7.6.1, you are potentially affected by this vulnerability. Check your version and apply the available patch.
Upgrade FortiProxy to a patched version as soon as possible. Refer to the Fortinet advisory for specific version details and upgrade instructions.
While no active exploitation has been confirmed, the ease of path traversal exploitation suggests it is likely to be targeted by attackers.
Refer to the official Fortinet security advisory for detailed information and mitigation steps: [https://www.fortinet.com/security/advisory/fortinet-security-advisory/CVE-2024-48884](https://www.fortinet.com/security/advisory/fortinet-security-advisory/CVE-2024-48884)
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.