ГлавнаяУязвимости → CVE-2025-32756
9.8критическая

CVE-2025-32756

→ есть в БДУ: BDU:2025-05439 (на русском)
Описание (на английском; русское — в БДУ выше)

A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 through 2.1.3, FortiCamera 2.0 all versions, FortiCamera 1.1 all versions, FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.7, FortiNDR 7.2.0 through 7.2.4, FortiNDR 7.0.0 through 7.0.6, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0.0 through 7.0.5, FortiRecorder 6.4.0 through 6.4.5, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6, FortiVoice 6.4.0 through 6.4.10 allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.

Затрагиваемое ПО
Fortinet FortimailFortinet FortindrFortinet FortirecorderFortinet FortivoiceFortinet Forticamera firmwareFortinet Forticamera
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://fortiguard.fortinet.com/psirt/FG-IR-25-254https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32756