CVE-2025-46775_CVE-2025-46775

5.2 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C

Description

A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands.

Basic Information

ID CVE-2025-46775

Source fortinet

Published Nov 18, 2025 at 17:01

Modified Nov 18, 2025 at 18:33

Affected Product

Vendor Fortinet

Product FortiExtender

Version 7.6.0

Affected Versions Fortinet FortiExtender 7.6.0
Fortinet FortiExtender 7.4.0
Fortinet FortiExtender 7.2.0
Fortinet FortiExtender 7.0.0

CWE Classification

CWE-1295

References

fortiguard.fortinet.com /psirt/FG-IR-25-259

{
    "lastseen": "",
    "description": "A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands.",
    "published": "2025-11-18T17:01:17.364Z",
    "modified": "2025-11-18T18:33:37.068Z",
    "type": "cve",
    "title": "CVE-2025-46775",
    "source": "fortinet",
    "references": "https://fortiguard.fortinet.com/psirt/FG-IR-25-259",
    "id": "CVE-2025-46775",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1295"
    ],
    "cvelist": null,
    "sourceData": "Fortinet FortiExtender 7.6.0\nFortinet FortiExtender 7.4.0\nFortinet FortiExtender 7.2.0\nFortinet FortiExtender 7.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.2,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FortiExtender",
    "version": "7.6.0",
    "vendor": "Fortinet",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}