vulnerability
Fortinet FortiOS: Incorrect Type Conversion or Cast (CVE-2024-26015)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
3 | (AV:A/AC:L/Au:N/C:N/I:P/A:N) | Jul 9, 2024 | Sep 12, 2024 | Jan 28, 2025 |
Severity
3
CVSS
(AV:A/AC:L/Au:N/C:N/I:P/A:N)
Published
Jul 9, 2024
Added
Sep 12, 2024
Modified
Jan 28, 2025
Description
An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit an unauthenticated attacker to bypass the IP blocklist via crafted requests.
Solution
fortios-upgrade-latest

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.