CVE-2025-67604

Published: Mag 12, 2026 Last Modified: Mag 12, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,3

Source: [email protected]

Attack Vector: network

Attack Complexity: high

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: none

Integrity: none

Availability: high

Description

AI Translation Available

A use of potentially dangerous function vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager 6.4 all versions may allow an authenticated attacker to cause a system hang via multiple specially crafted HTTP requests causing crashes. This happens if internal locks are aligned, which is out of control of the attacker.

676

Use of Potentially Dangerous Function

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Other

Potential Impacts:

Varies By Context Quality Degradation Unexpected State

Applicable Platforms

Languages: C, C++

Likelihood of Exploit: High

View CWE Details

https://fortiguard.fortinet.com/psirt/FG-IR-26-137

CVE-2025-67604

Description

Use of Potentially Dangerous Function

Common Consequences

Applicable Platforms

Iscriviti alla newsletter