CVE-2025-46775

Medium

A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through…

fortinet·CWE-1295·Published 2025-11-18

CVSS

5.2

EPSS

0.00

KEV

Exploits

cve.orgen

301 chars

A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands.

NVDen

301 chars

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	5.2	—	—	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C
3.1	Primary	cve.org	5.2	—	—	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C
3.1	Secondary	NVD	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N