CVE-2025-47890 - Vulnerability Details

An URL Redirection to Untrusted Site vulnerabilities [CWE-601] in FortiOS 7.6.0 through 7.6.2, 7.4.0 through 7.4.8, 7.2 all versions, 7.0 all versions, 6.4 all versions; FortiProxy 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions; FortiSASE 25.2.a may allow an unauthenticated attacker to perform an open redirect attack via crafted HTTP requests.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00023.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Fortinet	Fortios Fortiproxy Fortisase

Configuration 1 [-]

OR	cpe:2.3:o:fortinet:fortios::::::::
	cpe:2.3:o:fortinet:fortios::::::::

Configuration 2 [-]

cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:a:fortinet:fortisase:25.3.40::::feature:::
	cpe:2.3:a:fortinet:fortisase:25.3.40::::mature:::

No data.

Advisories

No advisories yet.

Fixes

Solution

Upgrade to FortiOS version 7.6.4 or above Upgrade to FortiOS version 7.4.9 or above Fortinet remediated this issue in FortiSASE version 25.3.b and hence customers do not need to perform any action. Upgrade to FortiProxy version 7.6.4 or above

Workaround

No workaround given by the vendor.

References

Link	Providers
https://fortiguard.fortinet.com/psirt/FG-IR-24-542

History

Wed, 22 Oct 2025 17:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Fortinet fortiproxy Fortinet fortisase
CPEs		cpe:2.3:a:fortinet:fortiproxy:::::::: cpe:2.3:a:fortinet:fortisase:25.3.40::::feature::: cpe:2.3:a:fortinet:fortisase:25.3.40::::mature::: cpe:2.3:o:fortinet:fortios::::::::
Vendors & Products		Fortinet fortiproxy Fortinet fortisase

Thu, 16 Oct 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 14 Oct 2025 15:30:00 +0000

Type	Values Removed	Values Added
Description		An URL Redirection to Untrusted Site vulnerabilities [CWE-601] in FortiOS 7.6.0 through 7.6.2, 7.4.0 through 7.4.8, 7.2 all versions, 7.0 all versions, 6.4 all versions; FortiProxy 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions; FortiSASE 25.2.a may allow an unauthenticated attacker to perform an open redirect attack via crafted HTTP requests.
First Time appeared		Fortinet Fortinet fortios
Weaknesses		CWE-601
CPEs		cpe:2.3:o:fortinet:fortios:6.4.0:::::::* cpe:2.3:o:fortinet:fortios:6.4.10:::::::* cpe:2.3:o:fortinet:fortios:6.4.11:::::::* cpe:2.3:o:fortinet:fortios:6.4.12:::::::* cpe:2.3:o:fortinet:fortios:6.4.13:::::::* cpe:2.3:o:fortinet:fortios:6.4.14:::::::* cpe:2.3:o:fortinet:fortios:6.4.15:::::::* cpe:2.3:o:fortinet:fortios:6.4.16:::::::* cpe:2.3:o:fortinet:fortios:6.4.1:::::::* cpe:2.3:o:fortinet:fortios:6.4.2:::::::* cpe:2.3:o:fortinet:fortios:6.4.3:::::::* cpe:2.3:o:fortinet:fortios:6.4.4:::::::* cpe:2.3:o:fortinet:fortios:6.4.5:::::::* cpe:2.3:o:fortinet:fortios:6.4.6:::::::* cpe:2.3:o:fortinet:fortios:6.4.7:::::::* cpe:2.3:o:fortinet:fortios:6.4.8:::::::* cpe:2.3:o:fortinet:fortios:6.4.9:::::::* cpe:2.3:o:fortinet:fortios:7.0.0:::::::* cpe:2.3:o:fortinet:fortios:7.0.10:::::::* cpe:2.3:o:fortinet:fortios:7.0.11:::::::* cpe:2.3:o:fortinet:fortios:7.0.12:::::::* cpe:2.3:o:fortinet:fortios:7.0.13:::::::* cpe:2.3:o:fortinet:fortios:7.0.14:::::::* cpe:2.3:o:fortinet:fortios:7.0.15:::::::* cpe:2.3:o:fortinet:fortios:7.0.16:::::::* cpe:2.3:o:fortinet:fortios:7.0.17:::::::* cpe:2.3:o:fortinet:fortios:7.0.1:::::::* cpe:2.3:o:fortinet:fortios:7.0.2:::::::* cpe:2.3:o:fortinet:fortios:7.0.3:::::::* cpe:2.3:o:fortinet:fortios:7.0.4:::::::* cpe:2.3:o:fortinet:fortios:7.0.5:::::::* cpe:2.3:o:fortinet:fortios:7.0.6:::::::* cpe:2.3:o:fortinet:fortios:7.0.7:::::::* cpe:2.3:o:fortinet:fortios:7.0.8:::::::* cpe:2.3:o:fortinet:fortios:7.0.9:::::::* cpe:2.3:o:fortinet:fortios:7.2.0:::::::* cpe:2.3:o:fortinet:fortios:7.2.10:::::::* cpe:2.3:o:fortinet:fortios:7.2.11:::::::* cpe:2.3:o:fortinet:fortios:7.2.12:::::::* cpe:2.3:o:fortinet:fortios:7.2.1:::::::* cpe:2.3:o:fortinet:fortios:7.2.2:::::::* cpe:2.3:o:fortinet:fortios:7.2.3:::::::* cpe:2.3:o:fortinet:fortios:7.2.4:::::::* cpe:2.3:o:fortinet:fortios:7.2.5:::::::* cpe:2.3:o:fortinet:fortios:7.2.6:::::::* cpe:2.3:o:fortinet:fortios:7.2.7:::::::* cpe:2.3:o:fortinet:fortios:7.2.8:::::::* cpe:2.3:o:fortinet:fortios:7.2.9:::::::* cpe:2.3:o:fortinet:fortios:7.4.0:::::::* cpe:2.3:o:fortinet:fortios:7.4.1:::::::* cpe:2.3:o:fortinet:fortios:7.4.2:::::::* cpe:2.3:o:fortinet:fortios:7.4.3:::::::* cpe:2.3:o:fortinet:fortios:7.4.4:::::::* cpe:2.3:o:fortinet:fortios:7.4.5:::::::* cpe:2.3:o:fortinet:fortios:7.4.6:::::::* cpe:2.3:o:fortinet:fortios:7.4.7:::::::* cpe:2.3:o:fortinet:fortios:7.4.8:::::::* cpe:2.3:o:fortinet:fortios:7.6.0:::::::* cpe:2.3:o:fortinet:fortios:7.6.1:::::::* cpe:2.3:o:fortinet:fortios:7.6.2:::::::*
Vendors & Products		Fortinet Fortinet fortios
References		https://fortiguard.fortinet.com/psirt/FG-IR-24-542
Metrics		cvssV3_1 `{'score': 2.5, 'vector': 'CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C'}`

MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2025-10-14T15:22:50.356Z

Updated: 2025-10-16T17:27:36.986Z

Reserved: 2025-05-13T12:23:23.436Z

Link: CVE-2025-47890

Vulnrichment

Updated: 2025-10-16T17:27:31.451Z

NVD

Status : Analyzed

Published: 2025-10-14T16:15:38.667

Modified: 2025-10-22T16:48:09.920

Link: CVE-2025-47890

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object