CVE-2024-54021

6.5MEDIUM

An Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a rem

公開日: 1/14/2025更新日: 8/8/2025
NVDで表示MITREで表示

説明

An Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a remote unauthenticated attacker to bypass the file filter via crafted HTTP headers.

AI分析AIによる分析

影響を受ける製品

fortinetfortiproxy
fortinetfortiproxy
fortinetfortios
fortinetfortios
fortinetfortios
7.6.0

参照