Back to CVE List

CVE-2025-55018

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score
5.8 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Vulnerability Description

An inconsistent interpretation of http requests ('http request smuggling') vulnerability in Fortinet FortiOS 7.6.0, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4.3 through 6.4.16 may allow an unauthenticated attacker to smuggle an unlogged http request through the firewall policies via a specially crafted header

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-444
Source
NVD
Vendor
Fortinet
Product
FortiOS

External References

Discussion (0)

Add Comment

No comments yet. Be the first!