Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/13 5:37 p.m.11 views

CVE-2025-24472

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote unauthenticated attacker with prior knowledge of upstream and downstream devices serial numbers to...

8.1CVSS9.8AI score0.03092EPSS
Exploits0References1
NVD
NVD
added 2025/02/11 5:15 p.m.20 views

CVE-2025-24472

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote unauthenticated attacker with prior knowledge of upstream and downstream devices serial numbers to...

8.1CVSS0.03092EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/11 4:50 p.m.18 views

CVE-2025-24472

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote unauthenticated attacker with prior knowledge of upstream and downstream devices serial numbers to...

8.1CVSS9.8AI score0.03092EPSS
Exploits0References1
CVE
CVE
added 2025/02/11 4:50 p.m.329 views

CVE-2025-24472

CVE-2025-24472 affects Fortinet FortiOS (7.0.0–7.0.16) and FortiProxy (7.2.0–7.2.12, also 7.0.0–7.0.19 in some sources) with an authentication bypass (CWE-288) that can grant super-admin privileges on downstream devices when Security Fabric is enabled. exploitation requires crafting CSF proxy req...

8.1CVSS9.8AI score0.03092EPSS
In wildExploits0References2Affected Software2
Rows per page
Query Builder