CVSS: 10.0EPSS: 9%CPEs: 23EXPL: 5CVE-2025-32756 – Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-32756
13 May 2025 — A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unaut... • https://github.com/exfil0/CVE-2025-32756-POC • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.7EPSS: 0%CPEs: 4EXPL: 0CVE-2024-47573
https://notcve.org/view.php?id=CVE-2024-47573
14 Mar 2025 — An improper validation of integrity check value vulnerability [CWE-354] in FortiNDR version 7.4.2 and below, version 7.2.1 and below, version 7.1.1 and below, version 7.0.6 and below may allow an authenticated attacker with at least Read/Write permission on system maintenance to install a corrupted firmware image. • https://fortiguard.fortinet.com/psirt/FG-IR-23-461 • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 7.6EPSS: 0%CPEs: 5EXPL: 0CVE-2023-48790
https://notcve.org/view.php?id=CVE-2023-48790
11 Mar 2025 — A cross site request forgery vulnerability [CWE-352] in Fortinet FortiNDR version 7.4.0, 7.2.0 through 7.2.1 and 7.1.0 through 7.1.1 and before 7.0.5 may allow a remote unauthenticated attacker to execute unauthorized actions via crafted HTTP GET requests. • https://fortiguard.fortinet.com/psirt/FG-IR-23-353 • CWE-352: Cross-Site Request Forgery (CSRF) •