VDB
CESS-2025-55018
CESS-2025-55018
PUBLISHED
CVSS 5.8 MEDIUM
An inconsistent interpretation of http requests ('http request smuggling') vulnerability in Fortinet FortiOS 7.6.0, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4.3 through 6.4.16 may allow an unauthenticated attacker to smuggle an unlogged http request through the firewall policies via a specially crafted header
Risk Scores
CVSS 3.1
5.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Timeline
- Feb 10, 2026 CVE Published