CNNVD-202602-1627 Information
CNNVD ID
CNNVD-202602-1627
Related CVE
- CNNVD Published: 2026-02-10
Description (Chinese)
Fortinet FortiOS是美国飞塔(Fortinet)公司的一套专用于FortiGate网络安全平台上的安全操作系统。该系统为用户提供防火墙、防病毒、IPSec/SSLVPN、Web内容过滤和反垃圾邮件等多种安全功能。 Fortinet FortiOS 7.6.0版本、7.4.0版本至7.4.9版本、7.2所有版本、7.0所有版本和6.4.3版本至6.4.16版本存在环境问题漏洞,该漏洞源于HTTP请求解释不一致,可能导致通过特制标头走私未记录的HTTP请求。
Description (English)
Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform of the United States of America. The system provides a wide range of security features for users, including firewalls, anti-virus, IPSEc/SSLVPN, Web content filters and anti-spam. Fortinet FortiOS version 7.6.0, version 7.4.0 to version 7.4.9, all version 7.2, all version 7.0 and versions 6.4.3 to 6.4.16 have environmental gaps, which stem from inconsistencies in the explanations requested by HTTP and may lead to the smuggling of unrecorded HTTP requests through specialized markers.
Vulnerability Type
环境问题
Affected Vendor
飞塔
Published
2026-02-10
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-25-667 https://access.redhat.com/security/cve/cve-2025-55018
Patch
https://fortiguard.fortinet.com/psirt/FG-IR-25-667
Share on: