CVE-2025-68649

CVSS 5.4 MEDIUMEPSS 0.4%CWE-22

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.4EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

14 Apr 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Cloud 7.4.0 through 7.4.7, FortiAnalyzer Cloud 7.2 all versions, FortiAnalyzer Cloud 7.0 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager Cloud 7.6.0 through 7.6.4, FortiManager Cloud 7.4.0 through 7.4.7, FortiManager Cloud 7.2 all versions, FortiManager Cloud 7.0 all versions may allow a privileged attacker to delete files from the underlying filesystem via crafted CLI requests.

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C

Affected products

Fortinet · FortiAnalyzer Fortinet · FortiAnalyzer Cloud Fortinet · FortiManager Fortinet · FortiManager Cloud

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://fortiguard.fortinet.com/psirt/FG-IR-26-120