216.73.217.139

CVE-2025-46775

· Published 18/11/2025 17:16 · Modified 20/11/2025 14:40

Labels: CVE-2025-46775 2025-11-18CVE-2025-46775CWE-1295[email protected]

Essential information

Published
18/11/2025 17:16
Modified
20/11/2025 14:40
Author
Creator
CVSS
5.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS metrics

Description

A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
fortinet / fortiextender firmware cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*
fortinet / fortiextender firmware cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*
fortinet / fortiextender cpe:2.3:h:fortinet:fortiextender:-:*:*:*:*:*:*:*

References