PT-2024-5554 · Fortinet · FortiProxy, FortiOS

Published 2024-07-09 · Updated 2025-11-19 · CVE-2024-26015

CVSS v3.1: 4.7 (Medium)
Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions

FortiProxy versions 7.4.3 and below
FortiProxy versions 7.2.10 and below
FortiProxy versions 7.0.17 and below
FortiOS versions 7.4.3 and below
FortiOS versions 7.2.8 and below
FortiOS versions 7.0.15 and below
Description

The issue stems from incorrect parsing of numbers written in different radices during IP address validation. Because such representations are mishandled, an unauthenticated attacker may bypass the IP blocklist via crafted requests.
Recommendations

For FortiProxy versions 7.4.3 and below, update to a version above 7.4.3.
For FortiProxy versions 7.2.10 and below, update to a version above 7.2.10.
For FortiProxy versions 7.0.17 and below, update to a version above 7.0.17.
For FortiOS versions 7.4.3 and below, update to a version above 7.4.3.
For FortiOS versions 7.2.8 and below, update to a version above 7.2.8.
For FortiOS versions 7.0.15 and below, update to a version above 7.0.15.

As a temporary workaround, consider restricting access to the IP address validation feature to minimize the risk of exploitation.
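Added example (not Fortinet's code, and not a description of how the affected products implement their blocklist): a lenient inet_aton-style parser placed beside a strict canonical parser, showing why a blocklist check must normalise input to one canonical form and reject every other spelling rather than letting a differently-parsed value through. The blocklist entries are constructed sample values.

```python
import ipaddress
import re
from typing import Optional

# Constructed sample blocklist for the demonstration (not from the advisory).
BLOCKLIST = [ipaddress.ip_network("203.0.113.0/24"), ipaddress.ip_network("198.51.100.7/32")]

# Strict dotted-decimal: exactly four decimal octets, no leading zeros, no hex.
_OCTET = r"(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])"
_STRICT_IPV4 = re.compile(rf"^{_OCTET}(?:\.{_OCTET}){{3}}$")

def _radix_int(part: str) -> int:
    """C-style numeral: 0x... is hex, a leading 0 is octal, otherwise decimal."""
    if part[:2].lower() == "0x":
        return int(part[2:], 16)
    if len(part) > 1 and part[0] == "0":
        return int(part, 8)
    return int(part, 10)

def lenient_parse(text: str) -> Optional[ipaddress.IPv4Address]:
    """inet_aton-style parsing (hex/octal parts, 1 to 4 parts): the behaviour to avoid."""
    parts = text.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    try:
        nums = [_radix_int(p) for p in parts]
    except ValueError:
        return None
    *head, tail = nums
    if any(not 0 <= n <= 255 for n in head):
        return None
    if not 0 <= tail < 1 << (8 * (4 - len(head))):
        return None
    value = tail  # the last part fills all remaining low-order bytes
    for i, n in enumerate(head):
        value |= n << (24 - 8 * i)
    return ipaddress.IPv4Address(value)

def strict_parse(text: str) -> Optional[ipaddress.IPv4Address]:
    """Only canonical dotted-decimal is accepted; every other spelling is rejected."""
    return ipaddress.IPv4Address(text) if _STRICT_IPV4.match(text) else None

def check_source(text: str) -> str:
    """Blocklist decision: 'reject' non-canonical input, otherwise 'deny' or 'allow'."""
    addr = strict_parse(text)
    if addr is None:
        return "reject"
    return "deny" if any(addr in net for net in BLOCKLIST) else "allow"
```

The two parsers disagree on the same string: the lenient one maps several spellings onto one address, so a blocklist compared against the lenient result, the textual form, or a mix of both can be inconsistent, while the strict path has exactly one accepted form per address.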

Fix

Weakness Enumeration

Incorrect Type Conversion or Cast

Related Identifiers

BDU:2024-06233
CVE-2024-26015

Affected Products

FortiOS
FortiProxy