CNNVD-202511-2016 Information

CNNVD ID

CNNVD-202511-2016

Related CVE

CVE-2025-58692

• CNNVD Published: 2025-11-18

Description (Chinese)

Fortinet FortiVoice是美国飞塔（Fortinet）公司的一个统一通信和协作即服务。 Fortinet FortiVoice 7.2.0版本至7.2.2版本和7.0.0版本至7.0.7版本存在SQL注入漏洞，该漏洞源于SQL命令中和不当，可能导致执行任意代码。

Description (English)

Fortinet FortiVoice is a unified communications and collaborative service of Fortinet. Fortinet FortiVoice 7.2.0 to 7.2.2 and 7.0.0 to 7.0.7 has an injection loophole in SQL, which stems from inappropriateity in SQL orders and may lead to the enforcement of arbitrary codes.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

飞塔

Published

2025-11-18

Last Modified

2026-02-24

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-666 https://access.redhat.com/security/cve/cve-2025-58692

Patch

https://fortiguard.fortinet.com/psirt/FG-IR-25-666