PT-2025-47352 · Fortinet · Fortiextender
Published
2025-11-18
·
Updated
2025-11-19
·
CVE-2025-46775
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Fortinet FortiExtender versions 7.0 all versions
Fortinet FortiExtender versions 7.2 all versions
Fortinet FortiExtender versions 7.4.0 through 7.4.6
Fortinet FortiExtender versions 7.6.0 through 7.6.1
Description
An issue exists in Fortinet FortiExtender that could allow an authenticated user to gain access to administrator credentials. This is possible through the use of debug log commands which reveal unnecessary information.
Recommendations
Update FortiExtender to a version later than 7.6.1.
Update FortiExtender to a version later than 7.4.6.
Update FortiExtender to a version later than 7.2.
Update FortiExtender to a version later than 7.0.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fortiextender