VDB

CNVD-2025-27460

CNVD-2025-27460 PUBLISHED CVSS 4 MEDIUM

Fortinet FortiOS是Fortinet公司的网络安全操作系统,用于提供防火墙、VPN、入侵防御等安全功能。 Fortinet FortiOS存在缓冲区溢出漏洞,该漏洞源于未对特制CLI命令进行充分边界检查。攻击者可利用该漏洞通过构造恶意CLI命令触发堆溢出,实现权限提升。

Risk Scores

CVSS v3.1
4
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:U/RC:C

Affected Products

VendorProductVersions
FortinetFortiOS7.6.0, 7.4.0, 7.2.4

Timeline

  • Feb 11, 2025 CVE Published
  • Jul 9, 2025 PoC Published
  • Jul 15, 2025 PoC Published
  • Oct 24, 2025 PoC Published
  • Oct 26, 2025 PoC Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›