CVE-2025-46775
published 2025-11-18CVE-2025-46775: A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortiextender | — | — |
| fortinet | fortiextender | 7.0.0 – 7.0.5 | — |
| fortinet | fortiextender | 7.2.0 – 7.2.5 | — |
| fortinet | fortiextender | 7.4.0 – 7.4.6 | — |
| fortinet | fortiextender | 7.6.0 – 7.6.1 | — |
| fortinet | fortiextender_firmware | >= 7.0.0 < 7.4.8 | 7.4.8 |
| fortinet | fortiextender_firmware | >= 7.6.0 < 7.6.3 | 7.6.3 |
| fortinet | fortiextenderfirmware | — | — |
| fortinet | fortinet | — | — |