How severe is CVE-2024-54021?

CVE-2024-54021 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2024-54021

Name: fortios
Author: fortinet

6.5MEDIUM

An Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a rem

Veröffentlicht: 1/14/2025Aktualisiert: 8/8/2025

Beschreibung

An Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a remote unauthenticated attacker to bypass the file filter via crafted HTTP headers.

KI-AnalyseKI-gestützt

Betroffene Produkte

fortinetfortiproxy

fortinetfortios

7.6.0

Referenzen

https://fortiguard.fortinet.com/psirt/FG-IR-24-282
Vendor Advisory