Proof-of-Concept Exploit Observed for Critical Zero-Day
By Anna Balabushko CVE-2025-32756 is a critical remote code execution (RCE) vulnerability affecting multiple Fortinet products, including FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera. The flaw arises from a stack-based buffer overflow in the handling of the AuthHash cookie’s enc parameter within the /remote/hostcheck_validate HTTP endpoint. Due to insufficient input validation, unauthenticated attackers can send specially […]