EUVD-2021-12924

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

FortiProxy and FortiGate versions have a CSRF vulnerability in SSL VPN portal affecting data authenticity.

Reporter	Title	Published	Views	Family All 12
CNNVD	Fortinet FortiProxy SSL VPN 数据伪造问题漏洞	8 Dec 202100:00	–	cnnvd
CNVD	Fortinet FortiProxy SSL VPN Cross-Site Request Forgery Vulnerability	15 Dec 202100:00	–	cnvd
CVE	CVE-2021-26103	8 Dec 202112:01	–	cve
Cvelist	CVE-2021-26103	8 Dec 202112:01	–	cvelist
Fortinet	Protect	7 Dec 202100:00	–	fortinet
Tenable Nessus	Fortinet Fortigate ['CSRF'] (FG-IR-20-158)	29 Oct 202400:00	–	nessus
Tenable Nessus	Fortinet FortiOS CSRF (FG-IR-20-158)	14 Jan 202200:00	–	nessus
NCSC	Vulnerabilities fixed in FortiOS	8 Dec 202100:00	–	ncsc
NVD	CVE-2021-26103	8 Dec 202112:15	–	nvd
Prion	Cross site request forgery (csrf)	8 Dec 202112:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "62818776-842a-32c7-96c7-8bfbc2aeed89",
        "vendor": {
          "name": "Fortinet"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "d30f7fa1-96a4-3389-acc9-6bce9fa10d12",
        "product": {
          "name": "Fortinet FortiOS"
        },
        "product_version": "FortiOS 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0"
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.com/advisory/FG-IR-20-158
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

8.6High risk

Vulners AI Score8.6

CVSS 3.16.3 - 8.8

CVSS 25.1

EPSS0.00422

SSVC