How severe is CVE-2025-25255?

CVE-2025-25255 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2025-25255

Name: fortios
Author: fortinet

5.3MEDIUM

An Improperly Implemented Security Check for Standard vulnerability [CWE-358] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.11, Fo

公開日: 10/14/2025更新日: 1/14/2026

説明

An Improperly Implemented Security Check for Standard vulnerability [CWE-358] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.11, FortiProxy 7.2 all versions, FortiProxy 7.0.1 through 7.0.22 may allow an unauthenticated proxy user to bypass the domain fronting protection feature via crafted HTTP requests.

AI分析AIによる分析

影響を受ける製品

fortinetfortiproxy

fortinetfortios

参照

https://fortiguard.fortinet.com/psirt/FG-IR-24-372
Vendor Advisory