VDB

CESS-2025-55018

CESS-2025-55018 PUBLISHED CVSS 5.8 MEDIUM

An inconsistent interpretation of http requests ('http request smuggling') vulnerability in Fortinet FortiOS 7.6.0, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4.3 through 6.4.16 may allow an unauthenticated attacker to smuggle an unlogged http request through the firewall policies via a specially crafted header

Risk Scores

CVSS 3.1
5.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Timeline

  • Feb 10, 2026 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›