Security Advisory

CVE-2024-54021

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-14 14:09:48

Last updated 2025-08-06 18:04:37

Assigner fortinet

State PUBLISHED

Description

An Improper Neutralization of CRLF Sequences in HTTP Headers (http response splitting) vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a remote unauthenticated attacker to bypass the file filter via crafted HTTP headers.

← Browse all CVEs View on cve.org ↗