EUVD-2026-10520

🗓️ 10 Mar 2026 18:31:19Reported by EUVDType

Improper control of interaction frequency in FortiWeb allows unauthenticated attackers to bypass rate limits.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2026-24017	11 Mar 202610:50	–	circl
CNNVD	Fortinet FortiWeb 安全漏洞	10 Mar 202600:00	–	cnnvd
CVE	CVE-2026-24017	10 Mar 202616:44	–	cve
Cvelist	CVE-2026-24017	10 Mar 202616:44	–	cvelist
EUVD	EUVD-2026-10519	10 Mar 202618:31	–	euvd
NCSC	Vulnerabilities fixed in Fortinet FortiWeb	12 Mar 202607:46	–	ncsc
NVD	CVE-2026-24017	10 Mar 202618:18	–	nvd
OSV	CVE-2026-24017	10 Mar 202618:18	–	osv
Positive Technologies	PT-2026-24243	10 Mar 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-24017	26 Mar 202615:00	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "d4b15e58-bc24-33fc-8aff-066ef0cb71ac",
        "vendor": {
          "name": "Fortinet"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0e29f4b6-6081-3cab-8a47-6ae844b8e215",
        "product": {
          "name": "FortiWeb"
        },
        "product_version": "7.4.0 ≤7.4.10"
      },
      {
        "id": "3271a996-8fdc-3fc7-b4ae-1c761dec1dfc",
        "product": {
          "name": "FortiWeb"
        },
        "product_version": "7.2.0 ≤7.2.11"
      },
      {
        "id": "62244101-01fc-369d-94dd-d3ed4349d1bd",
        "product": {
          "name": "FortiWeb"
        },
        "product_version": "7.6.0 ≤7.6.5"
      },
      {
        "id": "64aad2e3-dd7c-3900-9399-304d120a7c8f",
        "product": {
          "name": "FortiWeb"
        },
        "product_version": "7.0.0 ≤7.0.11"
      },
      {
        "id": "a72970ee-aee8-3dc4-8d03-7d374a5e3132",
        "product": {
          "name": "FortiWeb"
        },
        "product_version": "8.0.0 ≤8.0.2"
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.fortinet.com/psirt/FG-IR-26-082
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-24017

10 Mar 2026 18:31Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.18.1

EPSS0.00189

SSVC