CVE-2024-54021
6.5MEDIUMAn Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a rem
Опубликовано: 1/14/2025Обновлено: 8/8/2025
Описание
An Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a remote unauthenticated attacker to bypass the file filter via crafted HTTP headers.
ИИ-АнализНа базе ИИ
Затронутые продукты
fortinetfortiproxy
fortinetfortiproxy
fortinetfortios
fortinetfortios
fortinetfortios
7.6.0
Ссылки
- https://fortiguard.fortinet.com/psirt/FG-IR-24-282Vendor Advisory