CVE-2026-59839
EUVD-2026-4371714.07.2026, 16:17
A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiOS 7.6.0 through 7.6.6, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.8.0, FortiPAM 1.7.0 through 1.7.2, FortiPAM 1.6 all versions, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiProxy 7.6.0 through 7.6.5, FortiProxy 7.4 through 7.4.13, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions may allow attacker to execute unauthorized code or commands via <insert attack vector here>Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| fortinet | fortiproxy | 7.6.0 ≤ 𝑥 ≤ 7.6.5 | CNA |
| fortinet | fortiproxy | 7.4.0 ≤ 𝑥 ≤ 7.4.13 | CNA |
| fortinet | fortiproxy | 7.2.0 ≤ 𝑥 ≤ 7.2.16 | CNA |
| fortinet | fortiproxy | 7.0.0 ≤ 𝑥 ≤ 7.0.23 | CNA |
| fortinet | fortiproxy | 7.6.0 ≤ 𝑥 ≤ 7.6.6 | CNA |
| fortinet | fortiproxy | 7.4.0 ≤ 𝑥 ≤ 7.4.9 | CNA |
| fortinet | fortiproxy | 7.2.0 ≤ 𝑥 ≤ 7.2.13 | CNA |
| fortinet | fortiproxy | 7.0.0 ≤ 𝑥 ≤ 7.0.19 | CNA |
| fortinet | fortiproxy | 6.4.0 ≤ 𝑥 ≤ 6.4.16 | CNA |
| fortinet | fortiproxy | 1.8.0 | CNA |
| fortinet | fortiproxy | 1.7.0 ≤ 𝑥 ≤ 1.7.2 | CNA |
| fortinet | fortiproxy | 1.6.0 ≤ 𝑥 ≤ 1.6.2 | CNA |
| fortinet | fortiproxy | 1.5.0 ≤ 𝑥 ≤ 1.5.1 | CNA |
| fortinet | fortiproxy | 1.4.0 ≤ 𝑥 ≤ 1.4.3 | CNA |
| fortinet | fortiproxy | 1.3.0 ≤ 𝑥 ≤ 1.3.1 | CNA |
| fortinet | fortiproxy | 1.2.0 | CNA |
| fortinet | fortiproxy | 1.1.0 ≤ 𝑥 ≤ 1.1.2 | CNA |
| fortinet | fortiproxy | 1.0.0 ≤ 𝑥 ≤ 1.0.3 | CNA |