CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-60024

Multiple Improper Limitations of a Pathname to a Restricted Directory ('Path Traversal') vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 may allow a privileged authenticated attacker to write arbitrary files via specifically HTTP or HTTPS commands

Exploit prediction scoring system (EPSS) score

CVSS Severity

CVSS v3 Score 8.8

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-812

Products affected by CVE-2025-60024

Fortinet » Fortivoice » Version: 7.0.0

cpe:2.3:a:fortinet:fortivoice:7.0.0
Fortinet » Fortivoice » Version: 7.0.1

cpe:2.3:a:fortinet:fortivoice:7.0.1
Fortinet » Fortivoice » Version: 7.0.2

cpe:2.3:a:fortinet:fortivoice:7.0.2
Fortinet » Fortivoice » Version: 7.0.3

cpe:2.3:a:fortinet:fortivoice:7.0.3
Fortinet » Fortivoice » Version: 7.0.4

cpe:2.3:a:fortinet:fortivoice:7.0.4
Fortinet » Fortivoice » Version: 7.0.5

cpe:2.3:a:fortinet:fortivoice:7.0.5
Fortinet » Fortivoice » Version: 7.0.6

cpe:2.3:a:fortinet:fortivoice:7.0.6
Fortinet » Fortivoice » Version: 7.0.7

cpe:2.3:a:fortinet:fortivoice:7.0.7
Fortinet » Fortivoice » Version: 7.2.0

cpe:2.3:a:fortinet:fortivoice:7.2.0
Fortinet » Fortivoice » Version: 7.2.1

cpe:2.3:a:fortinet:fortivoice:7.2.1
Fortinet » Fortivoice » Version: 7.2.2

cpe:2.3:a:fortinet:fortivoice:7.2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-60024

Products

Pricing

Contact Us