vulnerability

Fortinet FortiOS: Incorrect Type Conversion or Cast (CVE-2024-26015)

Severity
3
CVSS
(AV:A/AC:L/Au:N/C:N/I:P/A:N)
Published
Jul 9, 2024
Added
Sep 12, 2024
Modified
Jan 28, 2025

Description

An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit an unauthenticated attacker to bypass the IP blocklist via crafted requests.

Solution

fortios-upgrade-latest
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.