CNNVD-202511-2022 Information
CNNVD ID
CNNVD-202511-2022
Related CVE
- CNNVD Published: 2025-11-18
Description (Chinese)
Fortinet FortiMail是美国飞塔(Fortinet)公司的一套电子邮件安全网关产品。该产品提供电子邮件安全防护和数据保护等功能。 Fortinet FortiMail存在注入漏洞,该漏洞源于CRLF序列中和不当,可能导致注入标头。以下版本受到影响:7.6.0版本至7.6.3版本、7.4.0版本至7.4.5版本、7.2所有版本和7.0所有版本。
Description (English)
Fortinet FortiMail is an e-mail safety gateway product for Fortinet. The product provides e-mail security and data protection. Fortinet FortiMail has an injection loophole, which originates from the inappropriateness of the CRLF sequence and may lead to the injection of the header. The following versions were affected: 7.6.0 to 7.6.3, 7.4.0 to 7.4.5, 7.2 to all and 7.0 to all.
Hazard Level
High
Vulnerability Type
注入
Affected Vendor
飞塔
Published
2025-11-18
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-25-634 https://access.redhat.com/security/cve/cve-2025-54972
Patch
https://fortiguard.fortinet.com/psirt/FG-IR-25-634
Share on: