{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-31104", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2025-03-26T14:23:51.630Z", "datePublished": "2025-06-10T16:36:13.131Z", "dateUpdated": "2025-06-11T04:01:45.873Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiADC", "cpes": ["cpe:2.3:h:fortinet:fortiadc:7.6.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.4.6:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.4.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.1.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.1.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.1.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.1.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.1.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.6:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.6.0", "lessThanOrEqual": "7.6.1", "status": "affected"}, {"versionType": "semver", "version": "7.4.0", "lessThanOrEqual": "7.4.6", "status": "affected"}, {"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.7", "status": "affected"}, {"versionType": "semver", "version": "7.1.0", "lessThanOrEqual": "7.1.4", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.6", "status": "affected"}, {"versionType": "semver", "version": "6.2.0", "lessThanOrEqual": "6.2.6", "status": "affected"}, {"versionType": "semver", "version": "6.1.0", "lessThanOrEqual": "6.1.6", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiADC 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2.0 through 7.2.7, 7.1.0 through 7.1.4, 7.0 all versions, 6.2 all versions, 6.1 all versions may allow an authenticated attacker to execute unauthorized code via crafted HTTP requests."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2025-06-10T16:36:13.131Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-78", "description": "Execute unauthorized code or commands", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiADC version 8.0.0 or above \nPlease upgrade to FortiADC version 7.6.2 or above \nPlease upgrade to FortiADC version 7.4.7 or above \nPlease upgrade to FortiADC version 7.2.8 or above \nPlease upgrade to FortiADC version 7.1.5 or above"}], "references": [{"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-099", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-099"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-10T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2025-31104"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-11T04:01:45.873Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-31104", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-10T18:33:54.522164Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-10T18:33:59.349Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:2.3:h:fortinet:fortiadc:7.6.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.4.6:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.4.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.1.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.1.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.1.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.1.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.1.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.6:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.0:*:*:*:*:*:*:*"], "vendor": "Fortinet", "product": "FortiADC", "versions": [{"status": "affected", "version": "7.6.0", "versionType": "semver", "lessThanOrEqual": "7.6.1"}, {"status": "affected", "version": "7.4.0", "versionType": "semver", "lessThanOrEqual": "7.4.6"}, {"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.7"}, {"status": "affected", "version": "7.1.0", "versionType": "semver", "lessThanOrEqual": "7.1.4"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.6"}, {"status": "affected", "version": "6.2.0", "versionType": "semver", "lessThanOrEqual": "6.2.6"}, {"status": "affected", "version": "6.1.0", "versionType": "semver", "lessThanOrEqual": "6.1.6"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiADC version 8.0.0 or above \nPlease upgrade to FortiADC version 7.6.2 or above \nPlease upgrade to FortiADC version 7.4.7 or above \nPlease upgrade to FortiADC version 7.2.8 or above \nPlease upgrade to FortiADC version 7.1.5 or above"}], "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-099", "name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-099"}], "descriptions": [{"lang": "en", "value": "An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiADC 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2.0 through 7.2.7, 7.1.0 through 7.1.4, 7.0 all versions, 6.2 all versions, 6.1 all versions may allow an authenticated attacker to execute unauthorized code via crafted HTTP requests."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "Execute unauthorized code or commands"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2025-06-10T16:36:13.131Z"}}}, "cveMetadata": {"cveId": "CVE-2025-31104", "state": "PUBLISHED", "dateUpdated": "2025-06-10T18:34:04.886Z", "dateReserved": "2025-03-26T14:23:51.630Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2025-06-10T16:36:13.131Z", "assignerShortName": "fortinet"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*", "matchCriteriaId": "76B80010-5154-4695-927C-D9E104D956F6", "versionEndExcluding": "7.1.5", "versionStartIncluding": "6.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA91E054-96EB-4F87-8132-0838D6F40F36", "versionEndExcluding": "7.2.8", "versionStartIncluding": "7.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE545405-6F6D-4B5F-929C-FE966F3C5FC7", "versionEndExcluding": "7.4.7", "versionStartIncluding": "7.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B0431F4-19A9-4D05-8290-16C5ABC149D3", "versionEndExcluding": "7.6.2", "versionStartIncluding": "7.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiADC 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2.0 through 7.2.7, 7.1.0 through 7.1.4, 7.0 all versions, 6.2 all versions, 6.1 all versions may allow an authenticated attacker to execute unauthorized code via crafted HTTP requests."}, {"lang": "es", "value": "Una vulnerabilidad de neutralizaci\u00f3n inadecuada de elementos especiales utilizados en un comando del SO ('inyecci\u00f3n de comando del SO') [CWE-78] en FortiADC 7.6.0 a 7.6.1, 7.4.0 a 7.4.6, 7.2.0 a 7.2.7, 7.1.0 a 7.1.4, 7.0 todas las versiones, 6.2 todas las versiones, 6.1 todas las versiones puede permitir que un atacante autenticado ejecute c\u00f3digo no autorizado a trav\u00e9s de solicitudes HTTP manipuladas."}], "id": "CVE-2025-31104", "lastModified": "2025-07-22T17:06:49.670", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2025-06-10T17:21:22.873", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-099"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "psirt@fortinet.com", "type": "Primary"}]}

{}