How severe is CVE-2024-54021?

CVE-2024-54021 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2024-54021

Name: fortios
Author: fortinet

6.5MEDIUM

An Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a rem

Publicado: 1/14/2025Atualizado: 8/8/2025

Descrição

An Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a remote unauthenticated attacker to bypass the file filter via crafted HTTP headers.

Análise IADesenvolvido por IA

Produtos Afetados

fortinetfortiproxy

fortinetfortios

7.6.0

Referências

https://fortiguard.fortinet.com/psirt/FG-IR-24-282
Vendor Advisory