SB2026071497 - HTTP response splitting in FortiOS and FortiProxy



SB2026071497 - HTTP response splitting in FortiOS and FortiProxy

Published: July 14, 2026

Security Bulletin ID SB2026071497
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) HTTP response splitting (CVE-ID: CVE-2025-62675)

CWE-ID: CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper neutralization of crlf sequences in http headers ('http response splitting') in Web Filter warning page. An attacker in possession of a valid web filter override token can inject arbitrary headers via tricking a user into clicking on a crafted link.


Remediation

Install update from vendor's website.