Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257),
Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances.
Tracked as CVE-2025-25257, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0.
« An improper neutralization of special elements used in an SQL command (‘SQL Injection’) vulnerability [CWE-89] in
Tracked as CVE-2025-25257, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0.
« An improper neutralization of special elements used in an SQL command (‘SQL Injection’) vulnerability [CWE-89] in
,
Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances.
Tracked as CVE-2025-25257, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0.
« An improper neutralization of special elements used in an SQL command (‘SQL Injection’) vulnerability [CWE-89] in
Tracked as CVE-2025-25257, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0.
« An improper neutralization of special elements used in an SQL command (‘SQL Injection’) vulnerability [CWE-89] in
, ,
https://thehackernews.com/2025/07/fortinet-releases-patch-for-critical.html