Path Traversal Vulnerability in Fortinet FortiVoice
CVE-2025-58693

5.7MEDIUM

Key Information:

Vendor: Fortinet
Status: Fortivoice
Vendor: CVE Published:; 13 January 2026

What is CVE-2025-58693?

A path traversal vulnerability in Fortinet FortiVoice versions 7.2.0 to 7.2.2 and 7.0.0 to 7.0.7 allows a privileged user to exploit improperly limited pathnames. Through crafted HTTP or HTTPS requests, attackers can manipulate file paths to access and delete files from the server's underlying filesystem, posing significant risks to data integrity and security. Organizations using affected versions of FortiVoice are advised to implement necessary security measures and apply updates as soon as possible.

Affected Version(s)

FortiVoice 7.2.0 <= 7.2.2

FortiVoice 7.0.0 <= 7.0.7

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-778

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 13, 2026
Vulnerability Reserved
Sep 3, 2025

CVE-2025-58693 Data

JSON