CVE-2025-24470
CVE-2025-24470 is a high-severity vulnerability in Fortinet Fortiportal with a CVSS 3.x base score of 8.6. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-41.
Key facts
- Severity: High (CVSS 3.x base score 8.6)
- EPSS exploit prediction: 1% (65th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2025-3724
- Weakness: CWE-41
- Affected product: Fortinet Fortiportal
- Published:
- Last modified:
Description
An Improper Resolution of Path Equivalence vulnerability [CWE-41] in FortiPortal 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.11 may allow a remote unauthenticated attacker to retrieve source code via crafted HTTP requests.
Frequently asked questions
- What is CVE-2025-24470?
- An Improper Resolution of Path Equivalence vulnerability [CWE-41] in FortiPortal 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.11 may allow a remote unauthenticated attacker to retrieve source code via crafted HTTP requests.
- How severe is CVE-2025-24470?
- CVE-2025-24470 has a CVSS 3.x base score of 8.6, rated high severity. It is exploitable over network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is high, integrity none, and availability none.
- Is CVE-2025-24470 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (65th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2025-24470?
- CVE-2025-24470 affects Fortinet Fortiportal. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2025-24470?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- Does CVE-2025-24470 have an EU (EUVD) identifier?
- Yes. CVE-2025-24470 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2025-3724.
- When was CVE-2025-24470 published?
- CVE-2025-24470 was published on 2025-02-11 and last updated on 2026-06-17.
References
Affected products (1)
- cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*
More vulnerabilities in Fortinet Fortiportal
- CVE-2021-32590 — Critical (CVSS 9.9): Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0…
- CVE-2021-32588 — Critical (CVSS 9.8): A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and below, 6.0.4…
- CVE-2017-7342 — Critical (CVSS 9.8): A weak password recovery process vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to…
- CVE-2017-7337 — Critical (CVSS 9.1): An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to…
- CVE-2023-48791 — High (CVSS 8.8): An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in…
- CVE-2021-32589 — High (CVSS 8.1): A Use After Free (CWE-416) vulnerability in FortiManager version 7.0.0, version 6.4.5 and below, version 6.2.7 and…
All CVEs affecting Fortinet Fortiportal →
Other CWE-41 vulnerabilities
- CVE-2026-5816 — High (CVSS 8.0): GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.4 and 18.11 before…
- CVE-2025-43298 — High (CVSS 7.8): A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in…
- CVE-2024-30073 — High (CVSS 7.8): Windows Security Zone Mapping Security Feature Bypass Vulnerability
- CVE-2023-36396 — High (CVSS 7.8): Windows Compressed Folder Remote Code Execution Vulnerability
- CVE-2026-23674 — High (CVSS 7.5): Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security…
- CVE-2026-49401 — High (CVSS 7.3): Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.14, Deno's permission system enforces…