CVE-2025-32756
CRITICAL
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiCamera 2.1.0 through 2.1.3, FortiCamera 2.0 all versions, FortiCamera 1.1 all versions, FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.7, FortiNDR 7.2.0 through 7.2.4, FortiNDR 7.0.0 through 7.0.6, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0.0 through 7.0.5, FortiRecorder 6.4.0 through 6.4.5, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6, FortiVoice 6.4.0 through 6.4.10 allows a remote unauthenticated attacker to execute arbitrary code or commands by sending HTTP requests with a specially crafted hash cookie.
Analysis
Fortinet FortiCamera, FortiMail, FortiNDR, FortiRecorder, and FortiVoice contain a stack-based buffer overflow enabling unauthenticated remote code execution across multiple Fortinet products.
Technical Context
The CWE-121 stack overflow in shared code affects multiple Fortinet products simultaneously. The vulnerability allows memory corruption through crafted requests, leading to arbitrary code execution.
Affected Products
Fortinet FortiCamera 1.1-2.1.3
Fortinet FortiMail 7.0-7.6.2
Fortinet FortiNDR 7.4-7.6.0
Fortinet FortiRecorder 6.4-7.2.3
Fortinet FortiVoice 6.4-7.2.0
Remediation
Apply Fortinet security updates across all affected products. Prioritize FortiMail patching. Monitor for exploitation indicators.