Main Vulnerability Database Vulnerabilities #VU115082

#VU115082 Relative path traversal in FortiWeb - CVE-2025-53609

Published: September 9, 2025

Vulnerability identifier: #VU115082

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-53609

CWE-ID: CWE-23

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
FortiWeb

Software vendor:
Fortinet, Inc

Description

The vulnerability allows a remote privileged user to gain access to sensitive information.

The vulnerability exists due to relative path traversal in policy scripting. An authenticated attacker can perform an arbitrary file read on the underlying system via crafted requests.

Remediation

Install update from vendor's website.

External links

https://www.fortiguard.com/psirt/FG-IR-25-512

#VU115082 Relative path traversal in FortiWeb - CVE-2025-53609

Description

Remediation

External links

Please verify you're human