Path traversal via File Content Extract in FortiSOAR PaaS <7.7
CVE-2026-22573 Published on April 14, 2026
An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5 all versions, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5 all versions, FortiSOAR on-premise 7.4 all versions, and FortiSOAR on-premise 7.3 all versions may allow an authenticated remote attacker to perform a path traversal attack via File Content Extraction actions.
Vulnerability Analysis
CVE-2026-22573 can be exploited with network access and requires a small amount of user privileges. The attack complexity is considered low. A successful exploit is considered to have a high impact on confidentiality, with no impact on integrity or availability.
Weakness Type
What is a Directory traversal Vulnerability?
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
CVE-2026-22573 has been classified as a directory traversal vulnerability or weakness.
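The weakness class described above, as an added example (not FortiSOAR code and not taken from the advisory): a lexical prefix check beside a containment check made on the fully resolved path. The directory layout, file names and function names are constructed for illustration.

```python
import os
import tempfile

def lexical_check(base_dir, user_path):
    """Weak check: collapses '..' textually but never follows symlinks."""
    joined = os.path.normpath(os.path.join(base_dir, user_path))
    return joined.startswith(base_dir + os.sep)

def safe_resolve(base_dir, user_path):
    """Return the real path for user_path, or raise ValueError if it
    resolves outside base_dir."""
    base = os.path.realpath(base_dir)
    # realpath collapses '..' and follows symlinks, so the comparison is
    # made on the location a later open() would actually reach.
    candidate = os.path.realpath(os.path.join(base, user_path))
    # commonpath compares whole components, so a sibling such as
    # '<base>2' is not mistaken for a child of '<base>'.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"path escapes restricted directory: {user_path!r}")
    return candidate

def demo():
    """Run both checks over constructed inputs in a throwaway sandbox.
    Returns {input: (lexical_check_passed, safe_resolve_passed)}."""
    samples = [
        "reports/q1.txt",            # legitimate relative path
        "../secret.txt",             # parent-directory element
        "reports/../../secret.txt",  # '..' hidden behind a valid prefix
        "/etc/passwd",               # absolute path: os.path.join drops the base
        "link/secret.txt",           # symlink inside the base pointing out of it
    ]
    results = {}
    with tempfile.TemporaryDirectory() as root:
        root = os.path.realpath(root)
        base = os.path.join(root, "extract")  # constructed restricted directory
        os.makedirs(os.path.join(base, "reports"))
        open(os.path.join(root, "secret.txt"), "w").close()
        os.symlink(root, os.path.join(base, "link"))
        for path in samples:
            try:
                safe_resolve(base, path)
                contained = True
            except ValueError:
                contained = False
            results[path] = (lexical_check(base, path), contained)
    return results

if __name__ == "__main__":
    for path, (lexical_ok, real_ok) in demo().items():
        print(f"{path:28} lexical={lexical_ok!s:5} resolved={real_ok}")
```

The symlink case is the one to note: the lexical check accepts it because the string still begins with the base directory, while the resolved-path check rejects it.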
Products Associated with CVE-2026-22573
Fortinet FortiSOAR on-premise and Fortinet FortiSOAR PaaS.
Affected Versions
Fortinet FortiSOAR on-premise:
- Version 7.6.0, <= 7.6.3 is affected.
- Version 7.5.0, <= 7.5.3 is affected.
- Version 7.4.0, <= 7.4.5 is affected.
- Version 7.3.0, <= 7.3.3 is affected.
Fortinet FortiSOAR PaaS:
- Version 7.6.0, <= 7.6.3 is affected.
- Version 7.5.0, <= 7.5.3 is affected.
- Version 7.4.0, <= 7.4.5 is affected.
- Version 7.3.0, <= 7.3.3 is affected.