CVE-2025-47890

LOW(2.6)

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

Risk Signal Score7/100 — NIEDRIG

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

2.6

Technische Schwere

Beschreibung

An URL Redirection to Untrusted Site vulnerabilities [CWE-601] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4 all versions, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiSASE 25.2.a may allow an unauthenticated attacker to perform an open redirect attack via crafted HTTP requests.

Referenzen

https://fortiguard.fortinet.com/psirt/FG-IR-24-542
https://cert-portal.siemens.com/productcert/html/ssa-864900.html