Fortinet FortiWeb Vulnerabilities Exploited in the Wild
Summary
Fortinet has disclosed a new medium-severity vulnerability in FortiWeb, CVE-2025-58034 (CVSS 6.7), that is being actively exploited. It is an OS command injection flaw: an authenticated attacker can execute unauthorized code or commands on the underlying system via crafted HTTP requests or CLI commands. The flaw was patched in FortiWeb 8.0.2. That same release also silently fixed a critical authentication-bypass vulnerability, CVE-2025-64446 (CVSS 9.1), which Fortinet only disclosed after the patch had shipped. Exploitation campaigns have been observed chaining the two: CVE-2025-64446 to bypass authentication, then CVE-2025-58034 to inject commands as the now-authenticated user. Fortinet's handling of these disclosures has been criticized as delayed and fragmented. The practical consequence for defenders is that any FortiWeb device still below 8.0.2 is exposed to both issues at once, which underlines the risk of unpatched network security appliances and the importance of timely, transparent disclosure.
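The version check that follows from the summary, as an added example that is not part of the original page or of any Fortinet tooling: a small Python triage over a constructed FortiWeb inventory. It treats 8.0.2, the only fixed build named on this page, as the cutoff for the 8.0 branch and deliberately refuses to call any other branch safe, reporting it as "check-advisory" instead. The `FortiWeb-VM 8.0.1,build0115` version-string format and the hostnames are assumptions.

```python
"""Triage a FortiWeb inventory against the 8.0.2 fix described on this page.

Added example; not from the source article or from Fortinet. Only the 8.0
branch is judged, because 8.0.2 is the only fixed build the page names.
"""
import re
from dataclasses import dataclass

# Fixed build named on the page. It contains both the CVE-2025-58034 fix
# (authenticated OS command injection) and the silent CVE-2025-64446 fix
# (authentication bypass), so anything below it is exposed to the chain.
FIXED_8_0 = (8, 0, 2)

# Matches the first dotted triple in a version string. The CLI-style
# "FortiWeb-VM 8.0.1,build0115" form is an assumed format, not verified.
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


@dataclass
class Finding:
    host: str
    version: str
    status: str   # "vulnerable", "patched", "check-advisory", "unparseable"
    reason: str


def parse_version(raw: str):
    """Return (major, minor, patch) as ints, or None if no version is present.

    Integer tuples are used so that 8.0.10 sorts after 8.0.2; comparing the
    raw strings would get that wrong.
    """
    m = VERSION_RE.search(raw)
    if not m:
        return None
    return tuple(int(x) for x in m.groups())


def assess(host: str, raw_version: str) -> Finding:
    """Classify one device. Unknown branches are never reported as safe."""
    v = parse_version(raw_version)
    if v is None:
        return Finding(host, raw_version, "unparseable",
                       "no version found; inspect the device manually")
    if v[:2] != (8, 0):
        return Finding(host, raw_version, "check-advisory",
                       "branch %d.%d is not covered by the 8.0.2 figure on this "
                       "page; check Fortinet's advisory for that branch" % v[:2])
    if v < FIXED_8_0:
        return Finding(host, raw_version, "vulnerable",
                       "below 8.0.2: exposed to CVE-2025-64446 (auth bypass) "
                       "chained into CVE-2025-58034 (OS command injection)")
    return Finding(host, raw_version, "patched", "8.0.2 or later")


def triage(inventory):
    """Run assess() over (host, version_string) pairs."""
    return [assess(host, ver) for host, ver in inventory]


# Constructed sample inventory; hostnames and versions are made up.
SAMPLE_INVENTORY = [
    ("waf-edge-01", "FortiWeb-VM 8.0.1,build0115"),
    ("waf-edge-02", "8.0.2"),
    ("waf-dc-01", "7.6.5"),
    ("waf-lab", "n/a"),
]

if __name__ == "__main__":
    for f in triage(SAMPLE_INVENTORY):
        print(f"{f.host:12} {f.version:30} {f.status:15} {f.reason}")
```

The point of the "check-advisory" outcome is to avoid the common triage mistake of treating "below 8.0.2" as the vulnerable condition across every branch: Fortinet ships fixes per release train, and this page only documents the 8.0 train.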
Timeline
-
24.11.2025 14:32 · 1 article
Fortinet Discloses and Patches Actively Exploited FortiWeb Vulnerabilities
Fortinet disclosed CVE-2025-58034 (CVSS 6.7), an actively exploited FortiWeb flaw that lets an authenticated attacker execute unauthorized code or commands on the underlying system via crafted HTTP requests or CLI commands; it was fixed in FortiWeb 8.0.2. The same release had already silently fixed the critical CVE-2025-64446 (CVSS 9.1). Attackers have been observed chaining the two, bypassing authentication with CVE-2025-64446 and then injecting commands with CVE-2025-58034. Fortinet's handling of the disclosures has been criticized as delayed and fragmented.
- ⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More — thehackernews.com — 24.11.2025 14:32
Information Snippets
-
Fortinet disclosed a new medium-severity vulnerability (CVE-2025-58034) in FortiWeb, which is being actively exploited.
First reported: 24.11.2025 14:32 · 1 source, 1 article
- ⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More — thehackernews.com — 24.11.2025 14:32
-
The vulnerability has a CVSS score of 6.7 and is an OS command injection flaw: it allows an authenticated attacker to execute unauthorized code or commands on the underlying system via crafted HTTP requests or CLI commands.
First reported: 24.11.2025 14:32 · 1 source, 1 article
- ⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More — thehackernews.com — 24.11.2025 14:32
-
The flaw was patched in FortiWeb version 8.0.2.
First reported: 24.11.2025 14:32 · 1 source, 1 article
- ⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More — thehackernews.com — 24.11.2025 14:32
-
Fortinet also silently patched another critical FortiWeb vulnerability, CVE-2025-64446 (CVSS 9.1), in the same version: the fix shipped in 8.0.2 before any advisory was published.
First reported: 24.11.2025 14:32 · 1 source, 1 article
- ⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More — thehackernews.com — 24.11.2025 14:32
-
Exploitation campaigns have been observed chaining CVE-2025-64446 with CVE-2025-58034: the former is used to bypass authentication, and the resulting authenticated access is then used to trigger the command injection in the latter.
First reported: 24.11.2025 14:32 · 1 source, 1 article
- ⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More — thehackernews.com — 24.11.2025 14:32
-
Fortinet's handling of these disclosures has been criticized for its delayed and fragmented approach.
First reported: 24.11.2025 14:32 · 1 source, 1 article
- ⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More — thehackernews.com — 24.11.2025 14:32