EUVD-2025-209451

| CVE-2025-59809 MEDIUM
2026-04-14 fortinet GHSA-r66p-45rw-5xc2
Fortinet SSRF Fortisoar On Premise Fortisoar Paas
4.3
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Apr 14, 2026 - 17:05 vuln.today
CVSS Changed
Apr 14, 2026 - 16:22 NVD
4.1 (MEDIUM) 4.3 (MEDIUM)

DescriptionNVD

A server-side request forgery (ssrf) vulnerability [CWE-918] vulnerability in Fortinet FortiSOAR PaaS 7.6.4, FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.4, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.2, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an authenticated attacker to discover services running on local ports via crafted requests.

AnalysisAI

Server-side request forgery in Fortinet FortiSOAR (both PaaS and on-premise versions 7.3 through 7.6.4) allows authenticated attackers to discover services running on local ports by crafting malicious requests. The vulnerability requires valid user credentials and carries a CVSS score of 4.3 with low confidentiality impact; no public exploit code or active exploitation has been confirmed at this time.

Technical ContextAI

This server-side request forgery (SSRF) vulnerability exploits improper validation of user-supplied URLs in FortiSOAR's request handling mechanisms, classified under CWE-918. The affected products include both Fortinet FortiSOAR on-premise deployments and the cloud-based PaaS variant across multiple major versions (7.3 through 7.6.4). SSRF vulnerabilities in enterprise security orchestration platforms like FortiSOAR are particularly concerning because they operate within trusted network segments and often have access to internal services, APIs, and management interfaces that would normally be restricted to external attackers. The vulnerability requires an authenticated user context (PR:L in CVSS vector), meaning the attacker must possess valid credentials to exploit the flaw.

RemediationAI

Organizations must upgrade FortiSOAR installations to patched versions beyond those listed as affected (7.6.5 or later for 7.6.x branch, 7.5.3 or later for 7.5.x branch, 7.4.6 or later for 7.4.x branch, and 7.3.4 or later for 7.3.x branch); exact patch version confirmation should be verified against the Fortinet advisory at https://fortiguard.fortinet.com/psirt/FG-IR-26-103. For organizations unable to patch immediately, implement network-level access controls restricting FortiSOAR instances' outbound connections to only explicitly authorized internal services, and audit user access logs to FortiSOAR to identify and revoke unnecessary credentials for low-privilege accounts that do not require full platform access. Apply principle of least privilege by restricting user roles within FortiSOAR to the minimum required permissions.

Share

EUVD-2025-209451 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy