CVE-2024-54021

6.5MEDIUM

An Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a rem

发布于: 1/14/2025更新于: 8/8/2025
在NVD查看在MITRE查看

描述

An Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a remote unauthenticated attacker to bypass the file filter via crafted HTTP headers.

AI分析AI驱动

受影响产品

fortinetfortiproxy
fortinetfortiproxy
fortinetfortios
fortinetfortios
fortinetfortios
7.6.0

参考资料