CVE-2024-54021

6.5MEDIUM

An Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a rem

게시됨: 1/14/2025업데이트됨: 8/8/2025
NVD에서 보기MITRE에서 보기

설명

An Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a remote unauthenticated attacker to bypass the file filter via crafted HTTP headers.

AI 분석AI 기반

영향받는 제품

fortinetfortiproxy
fortinetfortiproxy
fortinetfortios
fortinetfortios
fortinetfortios
7.6.0

참조