CVE-2025-32756 Information

Description

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0 7.0.0 through 7.0.6 6.4.0 through 6.4.10 FortiRecorder versions 7.2.0 through 7.2.3 7.0.0 through 7.0.5 6.4.0 through 6.4.5 FortiMail versions 7.6.0 through 7.6.2 7.4.0 through 7.4.4 7.2.0 through 7.2.7 7.0.0 through 7.0.8 FortiNDR versions 7.6.0 7.4.0 through 7.4.7 7.2.0 through 7.2.4 7.0.0 through 7.0.6 FortiCamera versions 2.1.0 through 2.1.3 2.0 all versions 1.1 all versions allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.

Reference

https://fortiguard.fortinet.com/psirt/FG-IR-25-254