← back
CVE-2026-24641

CVE-2026-24641

CVSS 2.5 LOWEPSS 0.4%CWE-476
A NULL Pointer Dereference vulnerability [CWE-476] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow an authenticated attacker to crash the HTTP daemon via crafted HTTP requests.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
Affected products
Fortinet · FortiWeb

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fortiguard.fortinet.com/psirt/FG-IR-26-089