
Fortinet FortiSOAR PaaS: Attackers Can Access Internal Server Ports

CVE-2025-59809
Summary

An attacker with an account on Fortinet's FortiSOAR platform can use a malicious request to discover which internal server ports are open, potentially allowing them to access sensitive information or disrupt system operations. This vulnerability affects several versions of FortiSOAR PaaS and on-premise products. Fortinet recommends upgrading to the latest version to patch this issue.

Original title
A server-side request forgery (SSRF) vulnerability [CWE-918] in Fortinet FortiSOAR PaaS 7.6.4, FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7...
Original description
A server-side request forgery (SSRF) vulnerability [CWE-918] in Fortinet FortiSOAR PaaS 7.6.4, FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.4, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.2, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an authenticated attacker to discover services running on local ports via crafted requests.
NVD CVSS 3.1 score: 4.3
Vulnerability type
CWE-918 Server-Side Request Forgery (SSRF)
Published: 14 Apr 2026 · Updated: 15 Apr 2026 · First seen: 14 Apr 2026