Path Traversal Vulnerability in Fortinet FortiOS and FortiPAM Products
CVE-2026-59839

5MEDIUM

Key Information:

Vendor

Fortinet

Vendor
CVE Published:
14 July 2026

What is CVE-2026-59839?

A path traversal vulnerability exists in Fortinet FortiOS and FortiPAM products that could allow an attacker to bypass established restrictions and execute unauthorized code or commands. The vulnerability affects multiple versions of FortiOS and FortiPAM, posing a significant risk to network security. This flaw could be exploited by manipulating input paths, potentially leading to unauthorized access and control over affected systems. Users are recommended to apply security patches provided by Fortinet for mitigation.

Affected Version(s)

FortiOS 7.6.0 <= 7.6.6

FortiOS 7.4.0 <= 7.4.9

FortiOS 7.2.0 <= 7.2.13

References

CVSS V3.1

Score:
5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.