CVE-2025-25255
5.3 MEDIUM
Published: 10/14/2025 Updated: 1/14/2026
Description
An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in Fortinet FortiOS 7.6.0 through 7.6.3, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.11, FortiProxy 7.2 all versions, FortiProxy 7.0.1 through 7.0.22 may allow an unauthenticated proxy user to bypass the domain fronting protection feature via crafted HTTP requests.
Affected products
fortinet fortiproxy
fortinet fortios
References
- https://fortiguard.fortinet.com/psirt/FG-IR-24-372 (Vendor Advisory)