CVE-2025-46775

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-46775

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-46775.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-46775

Published

2025-11-18T17:16:01.973Z

Modified

2026-03-13T03:22:11.443820Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands.

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-259

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-46775.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "7.0.0"
            },
            {
                "fixed": "7.4.8"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "7.6.0"
            },
            {
                "fixed": "7.6.3"
            }
        ]
    }
]