CNNVD-202511-2030 Information
CNNVD ID
CNNVD-202511-2030
Related CVE
- CNNVD Published: 2025-11-18
Description (Chinese)
Fortinet FortiExtender是美国飞塔(Fortinet)公司的一款无线WAN(广域网)扩展器设备。 Fortinet FortiExtender存在安全漏洞,该漏洞源于未检查输入大小的缓冲区复制,可能导致认证用户通过特制CLI命令执行任意代码。以下版本受到影响:7.6.0版本至7.6.1版本、7.4.0版本至7.4.6版本、7.2所有版本和7.0所有版本。
Description (English)
Fortinet FortiExtender is a wireless WAN extension for Fortinet. Fortinet FortiExtender has a security loophole that originates from the unchecked copying of the buffer zone with input sizes, which may result in the authentication user enforcing any code through a special CLI command. The following versions were affected: 7.6.0 to 7.6.1, 7.4.0 to 7.4.6, 7.2 to all and 7.0 to all.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
飞塔
Published
2025-11-18
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-25-251 https://access.redhat.com/security/cve/cve-2025-46776
Patch
https://fortiguard.fortinet.com/psirt/FG-IR-25-251
Share on: