CVE-2025-46776

Severity: 7.8 HIGH
EPSS: 0.0% (top 92.90%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Nov 18

Description

A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.5 | Impact: 5.9

Affected Packages (2 packages)

NVD | fortinet/fortiextender_firmware | 7.0.0, 7.4.8 (+1 more)
CVEListV5 | fortinet/fortiextender | 7.6.0, 7.6.1 (+3 more)

Vulnerability Details (2)

CVEList | CVE-2025-46776: A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiExtender 7 | 2025-11-18
GHSA | GHSA-xhvc-jjj4-9gq2: A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiExtender 7 | 2025-11-18

Vendor Advisories (1)

Fortinet | Authenticated CLI Commands Buffer Overflow | 2025-11-18
CVE-2025-46776 (HIGH CVSS 7.8) | A buffer copy without checking size | cvebase.io