PT-2026-24243 · Fortinet · FortiWeb

Michele Damico · Published 2026-03-10 · Updated 2026-03-17 · CVE-2026-24017

CVSS v3.1: 8.1 High

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Fortinet FortiWeb versions 7.0.0 through 7.0.11
Fortinet FortiWeb versions 7.2.0 through 7.2.11
Fortinet FortiWeb versions 7.4.0 through 7.4.10
Fortinet FortiWeb versions 7.6.0 through 7.6.5
Fortinet FortiWeb versions 8.0.0 through 8.0.2

Description

An Improper Control of Interaction Frequency issue exists in Fortinet FortiWeb. This can allow a remote, unauthenticated attacker to bypass authentication rate limits by using specially crafted requests. The success of an attack depends on the attacker's resources and the complexity of the target password.

Recommendations

Fortinet FortiWeb versions 7.0.0 through 7.0.11: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Fortinet FortiWeb versions 7.2.0 through 7.2.11: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Fortinet FortiWeb versions 7.4.0 through 7.4.10: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Fortinet FortiWeb versions 7.6.0 through 7.6.5: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Fortinet FortiWeb versions 8.0.0 through 8.0.2: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2026-03213
CVE-2026-24017

Affected Products

FortiWeb