CVE-2025-32756: A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 through 2.1.3, FortiCamera 2.0 all versions, FortiCamera 1.1…

critical9.8CVSS 3.1

AVNACLPRNUINSUCHIHAH

KEV

CISA Known Exploited Vulnerabilitydue 2025-06-04

A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 through 2.1.3, FortiCamera 2.0 all versions, FortiCamera 1.1 all versions, FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.7, FortiNDR 7.2.0 through 7.2.4, FortiNDR 7.0.0 through 7.0.6, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0.0 through 7.0.5, FortiRecorder 6.4.0 through 6.4.5, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6, FortiVoice 6.4.0 through 6.4.10 allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.

Affected

48 ranges· showing 25

Vendor	Product	Version range	Fixed in
fortinet	forticamera	—	—
fortinet	forticamera	—	—
fortinet	forticamera	1.1.0 – 1.1.5	—
fortinet	forticamera	2.1.0 – 2.1.3	—
fortinet	forticamera_firmware	1.1.0 – 1.1.5	—
fortinet	forticamera_firmware	2.0.0 – 2.1.3	—
fortinet	forticamerafirmware	—	—
fortinet	fortimail	—	—
fortinet	fortimail	>= 7.0.0 < 7.0.9	7.0.9
fortinet	fortimail	7.0.0 – 7.0.8	—
fortinet	fortimail	>= 7.2.0 < 7.2.8	7.2.8
fortinet	fortimail	7.2.0 – 7.2.7	—
fortinet	fortimail	>= 7.4.0 < 7.4.5	7.4.5
fortinet	fortimail	7.4.0 – 7.4.4	—
fortinet	fortimail	>= 7.6.0 < 7.6.3	7.6.3
fortinet	fortimail	7.6.0 – 7.6.2	—
fortinet	fortindr	—	—
fortinet	fortindr	—	—
fortinet	fortindr	—	—
fortinet	fortindr	—	—
fortinet	fortindr	—	—
fortinet	fortindr	—	—
fortinet	fortindr	—	—
fortinet	fortindr	—	—
fortinet	fortindr	—	—

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

vulncheck9.8CRITICAL

cisa9.8CRITICAL