HTTP response splitting in FortiProxy and FortiOS - CVE-2025-62826

 

HTTP response splitting in FortiProxy and FortiOS - CVE-2025-62826

Published: July 14, 2026


Vulnerability identifier: #VU137530
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-62826
CWE-ID: CWE-113
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Fortinet, Inc
Affected software:
FortiProxy
FortiOS

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper neutralization of crlf sequences in http headers ('http response splitting') in captive portal authentication form. An attacker able can intercept and modify a user's authentication request to inject arbitrary headers via crafted HTTP requests.


How to mitigate CVE-2025-62826

Install update from vendor's website.

Sources