Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiProxy 7.6.2 Release Notes
    7.6.2
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.13
    7.4.12
    7.4.11
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.16
    7.2.15
    7.2.14
    7.2.13
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.23
    7.0.22
    7.0.21
    7.0.20
    7.0.19
    7.0.18
    7.0.17
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    2.0.14
    2.0.13
    2.0.12
    2.0.11
    2.0.10
    2.0.9
    2.0.8
    2.0.7
    2.0.6
    2.0.5
    2.0.4
    2.0.3
    2.0.2
    2.0.1
    2.0.0
    1.2.13
    1.2.12
    1.2.11
    1.2.10
    1.2.9
    1.2.8
    1.2.7
    1.2.6
    1.2.5
    1.2.4
    1.2.3
    1.2.2
    1.2.1
    1.2.0
    1.1.6
    1.1.5
    1.1.4
    1.1.3
    1.1.2
    1.1.1
    1.1.0
    1.0.7
    1.0.6
    1.0.5
    1.0.4
    1.0.3
    1.0.2
    1.0.1
    1.0.0

    Resolved issues

    Resolved issues

    The following issues have been fixed in FortiProxy 7.6.2. For inquiries about a particular bug, please contact Customer Service & Support.

    Description

    Bug ID
    1100906 Source NAT shows 0.0.0.0 in the logs.
    1105731 Add connection timeout and its handler in wad_p2s_http_sesmodule.
    1105549 Wrong signature algorithm is specified in certificates re-signed by a CA with ECDSA public key.
    1096728 Continuous WAD crashing on Azure which affects some VIP traffic.
    1074493 Some HTTP Transaction logs do not contain category and category description when webfilter is enabled.
    1103965 Fails to create local certificate file.
    1102925 ZTNA: An http1 strm is unnecessary created and leak when p2s connection is http2.
    1101083 WAD app-based policy crash.
    1097877 The license sharing widget does not show the purchased license seats of temporarily disconnected members that are still within the 8-hour grace period.

    1103035

    		 No backward-compatibility for license sharing.
    1107205 WAD worker memory leak.
    1106916, 1107097 Potential buffer overrun in memcpy.
    1107762 Web proxy does not respect the over-size limit value when system memory is large.
    1085418,1108118 Content analysis filename shows "Image Cache Was Cleared".
    1107787 DLP license status is not correct on GUI.
    983997,1099574 Failed to validate two different CAs with the same subject and issuer.
    1103266

    Remove default static client certificate for SSL/SSH inspection.
    1106384 TFTP functions are not working.
    1109812 Certificate authentication scheme Issue with IP-based policy and "user-cert" option.
    1106496 Azure deployment failed with image-definition and HyperV Gen2.
    1107077,1107230 No buffer size checking before memory copy and move operations.
    1083120 Inline-IPS does not support FortiProxy reporting to FortiGuard for its triggered signatures.
    1109045 FPX-VM license does not change to invalid after FortiGuard server returns failure.
    1110056 The service-connector configuration is global rather than per VDOM.
    1097304 HA goes out-of-sync repeatedly despite no configuration changes.
    1108723 Certificate authentication causes redirect loop between destination URL and authentication service port 7832.
    1113147,1113148

    BUFFER_SIZE found in daemon-dnsproxy.
    1083357,1112229 Inline IPS does not block SharePoint upload.
    1093606 Buffer overflow.
    1112306 Fix heap buffer overflow in HTTP request line for the CSF proxy.
    874516,1100819 Support AES-256 and AES-GMAC for SMB traffic in WAD and make krb5 vdom aware in 6.x kernel.
    1108891 Permission escalation through websocket module in Node.js granting super admin access to the CLI.
    1105419

    SSL inspection is being applied even though traffic matches a policy that has no inspection.
    1088866 Uploading of password-protected archive files is blocked.
    1114890 ICAP UTM log does not have poluuid.
    1115155 Bytes counter under Policy & Objects > Policy is always 0 although there are traffic hitting the policy.
    1114569 L7 VIP does not work.
    1115246 Release build fails with failover change.
    1103696 When the ICAP client sends a preview 0 request, the request ends with only one CRLF.
    1095678 OVERRUN found in daemon-wad.

    1116523

    FortiProxy video filter embedded block replacement message for Youtube shows FortiGate instead of FortiProxy.

    1115137

    Increase the maximum value of proxy-auth-timeout from 600 to 4320 minutes.

    1112600

    The wad_ftp_session_task_start does not initiate while establishing the data connection.

    1109949

    proxy-address http-method match failure.

    1089162

    In transparent mode, IP address changes on management interface is not learned until reboot.

    1115027

    ICAP does not support sending SNI when FQDN is configured.

    1117346

    HTTPS Resource Record requests are bypassed by FortiProxy DNS filter.

    1108350

    Different category rating between FortiGuard web page and FortiProxy query.

    1117073, 1117054, 1112756, 1115155, 1116117, 1115287, 1115283, 1107974, 1108244, 1117855, 1117604

    GUI issues.

    1107013

    wad_hash_cache timeout issue.

    1106446

    No indication if a connection is websocket-based in HTTP transaction log.

    1107113

    ssl exempt logs "destination" and "destination-interface" fields not correct

    1107847

    Explicit proxy feature is not enabled by default.

    1115799

    VIP does not follow policy.

    1117116

    Failure in certificate authentication.

    1117526

    list_entry should be typesafe.

    1115595

    Traffic log says utmaction="allowed" when the security profile is not configured so.

    Common vulnerabilities and exposures

    FortiProxy 7.6.2 is no longer vulnerable to the following CVE references. Visit https://fortiguard.com/psirt for more information.

    Bug ID

    CVE reference
    1108969 CVE-2025-22252

    1147743

    CVE-2025-22254

    1117346

    CVE-2024-55599

    1121042

    CVE-2024-52965

    1109747

    CVE-2025-25253

    1112306

    CVE-2025-22258

    1119207

    CVE-2025-47890

    Previous
    Next

    Resolved issues

    Resolved issues

    The following issues have been fixed in FortiProxy 7.6.2. For inquiries about a particular bug, please contact Customer Service & Support.

    Description

    Bug ID
    1100906 Source NAT shows 0.0.0.0 in the logs.
    1105731 Add connection timeout and its handler in wad_p2s_http_sesmodule.
    1105549 Wrong signature algorithm is specified in certificates re-signed by a CA with ECDSA public key.
    1096728 Continuous WAD crashing on Azure which affects some VIP traffic.
    1074493 Some HTTP Transaction logs do not contain category and category description when webfilter is enabled.
    1103965 Fails to create local certificate file.
    1102925 ZTNA: An http1 strm is unnecessary created and leak when p2s connection is http2.
    1101083 WAD app-based policy crash.
    1097877 The license sharing widget does not show the purchased license seats of temporarily disconnected members that are still within the 8-hour grace period.

    1103035

    		 No backward-compatibility for license sharing.
    1107205 WAD worker memory leak.
    1106916, 1107097 Potential buffer overrun in memcpy.
    1107762 Web proxy does not respect the over-size limit value when system memory is large.
    1085418,1108118 Content analysis filename shows "Image Cache Was Cleared".
    1107787 DLP license status is not correct on GUI.
    983997,1099574 Failed to validate two different CAs with the same subject and issuer.
    1103266

    Remove default static client certificate for SSL/SSH inspection.
    1106384 TFTP functions are not working.
    1109812 Certificate authentication scheme Issue with IP-based policy and "user-cert" option.
    1106496 Azure deployment failed with image-definition and HyperV Gen2.
    1107077,1107230 No buffer size checking before memory copy and move operations.
    1083120 Inline-IPS does not support FortiProxy reporting to FortiGuard for its triggered signatures.
    1109045 FPX-VM license does not change to invalid after FortiGuard server returns failure.
    1110056 The service-connector configuration is global rather than per VDOM.
    1097304 HA goes out-of-sync repeatedly despite no configuration changes.
    1108723 Certificate authentication causes redirect loop between destination URL and authentication service port 7832.
    1113147,1113148

    BUFFER_SIZE found in daemon-dnsproxy.
    1083357,1112229 Inline IPS does not block SharePoint upload.
    1093606 Buffer overflow.
    1112306 Fix heap buffer overflow in HTTP request line for the CSF proxy.
    874516,1100819 Support AES-256 and AES-GMAC for SMB traffic in WAD and make krb5 vdom aware in 6.x kernel.
    1108891 Permission escalation through websocket module in Node.js granting super admin access to the CLI.
    1105419

    SSL inspection is being applied even though traffic matches a policy that has no inspection.
    1088866 Uploading of password-protected archive files is blocked.
    1114890 ICAP UTM log does not have poluuid.
    1115155 Bytes counter under Policy & Objects > Policy is always 0 although there are traffic hitting the policy.
    1114569 L7 VIP does not work.
    1115246 Release build fails with failover change.
    1103696 When the ICAP client sends a preview 0 request, the request ends with only one CRLF.
    1095678 OVERRUN found in daemon-wad.

    1116523

    FortiProxy video filter embedded block replacement message for Youtube shows FortiGate instead of FortiProxy.

    1115137

    Increase the maximum value of proxy-auth-timeout from 600 to 4320 minutes.

    1112600

    The wad_ftp_session_task_start does not initiate while establishing the data connection.

    1109949

    proxy-address http-method match failure.

    1089162

    In transparent mode, IP address changes on management interface is not learned until reboot.

    1115027

    ICAP does not support sending SNI when FQDN is configured.

    1117346

    HTTPS Resource Record requests are bypassed by FortiProxy DNS filter.

    1108350

    Different category rating between FortiGuard web page and FortiProxy query.

    1117073, 1117054, 1112756, 1115155, 1116117, 1115287, 1115283, 1107974, 1108244, 1117855, 1117604

    GUI issues.

    1107013

    wad_hash_cache timeout issue.

    1106446

    No indication if a connection is websocket-based in HTTP transaction log.

    1107113

    ssl exempt logs "destination" and "destination-interface" fields not correct

    1107847

    Explicit proxy feature is not enabled by default.

    1115799

    VIP does not follow policy.

    1117116

    Failure in certificate authentication.

    1117526

    list_entry should be typesafe.

    1115595

    Traffic log says utmaction="allowed" when the security profile is not configured so.

    Common vulnerabilities and exposures

    FortiProxy 7.6.2 is no longer vulnerable to the following CVE references. Visit https://fortiguard.com/psirt for more information.

    Bug ID

    CVE reference
    1108969 CVE-2025-22252

    1147743

    CVE-2025-22254

    1117346

    CVE-2024-55599

    1121042

    CVE-2024-52965

    1109747

    CVE-2025-25253

    1112306

    CVE-2025-22258

    1119207

    CVE-2025-47890

    Previous
    Next