
Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now

  • July 11, 2025

Jasper_The_Rasper
Moderator

July 11, 2025 By Lawrence Abrams

Proof-of-concept exploits have been released for a critical SQL injection vulnerability in Fortinet FortiWeb that can be chained to achieve unauthenticated remote code execution on vulnerable appliances.

FortiWeb is a web application firewall (WAF) used to protect web applications from malicious HTTP traffic and other threats.

The FortiWeb vulnerability has a 9.8/10 severity score and is tracked as CVE-2025-25257. Fortinet fixed it last week in FortiWeb 7.6.4, 7.4.8, 7.2.11, and 7.0.11 and later versions; earlier releases on those branches remain exposed until upgraded.
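Because the article only names the first fixed release on each branch, the quickest triage step is to compare every FortiWeb in an inventory against those numbers. The script below is an added example (not Fortinet's or BleepingComputer's code); it relies solely on the four fixed versions quoted above, reports branches the article does not mention as "unknown" rather than guessing, and the inventory lines at the bottom are constructed sample data with made-up hostnames.

```python
"""Triage FortiWeb version strings against the fixed releases named for
CVE-2025-25257.

Added example, not Fortinet's or BleepingComputer's code. The only facts it
relies on are the fixed versions quoted in the article (7.6.4, 7.4.8, 7.2.11,
7.0.11): a build on one of those branches below the fixed release is reported
as vulnerable, and a branch the article does not list is reported as unknown
rather than guessed. The inventory at the bottom is constructed sample data.
"""
import re

# First fixed release on each branch, keyed by (major, minor). Source: the article.
FIXED_VERSIONS = {
    (7, 6): (7, 6, 4),
    (7, 4): (7, 4, 8),
    (7, 2): (7, 2, 11),
    (7, 0): (7, 0, 11),
}

# Matches a bare x.y.z, "v7.4.7", or a longer banner such as "FortiWeb-VM 7.4.7,build0523".
_VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)(?![\d.])")


def parse_version(text: str) -> tuple[int, int, int]:
    """Return (major, minor, patch) from the first x.y.z in text; ValueError if none."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no x.y.z version found in {text!r}")
    major, minor, patch = (int(g) for g in m.groups())
    return (major, minor, patch)


def assess(version_text: str) -> str:
    """Classify one version as 'vulnerable', 'patched' or 'unknown'."""
    major, minor, patch = parse_version(version_text)
    fixed = FIXED_VERSIONS.get((major, minor))
    if fixed is None:
        # Branch not covered by the fixed-version list on this page: check the advisory.
        return "unknown"
    return "patched" if (major, minor, patch) >= fixed else "vulnerable"


def triage(inventory: str) -> dict[str, list[str]]:
    """Group hosts from 'host<TAB>version' lines by assessment; bad lines go under 'unparseable'."""
    groups: dict[str, list[str]] = {
        "vulnerable": [], "patched": [], "unknown": [], "unparseable": [],
    }
    for line in inventory.strip().splitlines():
        host, _, version = line.partition("\t")
        try:
            groups[assess(version)].append(host)
        except ValueError:
            groups["unparseable"].append(host)
    return groups


# Constructed sample inventory: hostnames, versions and build numbers are made up.
SAMPLE_INVENTORY = """\
waf-dc1-01\tFortiWeb-VM 7.4.7,build0523
waf-dc1-02\t7.4.8
waf-dc2-01\tv7.0.10
waf-dc2-02\t7.6.4
waf-lab-01\t6.4.2
waf-lab-02\tunknown build
"""

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:12s} {', '.join(hosts) or '-'}")
```

Versions are compared as integer tuples, so 7.6.10 correctly sorts above 7.6.4; a string comparison would get that wrong. Anything classified "unknown" or "unparseable" needs a manual look at Fortinet's advisory rather than being assumed safe.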

"An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in FortiWeb may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests," reads Fortinet's advisory.
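The advisory's CWE-89 wording ("improper neutralization of special elements") describes a request value being spliced into an SQL statement as text. The snippet below is an added, generic illustration of that weakness class and is not FortiWeb's code: the article does not say where in FortiWeb the injection lies, so the token lookup, the in-memory SQLite table and its contents are constructed for the example. It shows the concatenated form beside the parameterised form that neutralises the same input.

```python
"""Why a crafted request value becomes SQL: CWE-89 in miniature.

Added example, not FortiWeb code. The article does not identify the injection
point, so this is a generic token lookup against a constructed in-memory SQLite
table, with the unsafe and the parameterised query side by side.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample table: one valid API token mapped to a device name."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE api_tokens (token TEXT PRIMARY KEY, device TEXT)")
    conn.execute("INSERT INTO api_tokens VALUES ('s3cr3t-token', 'waf-01')")
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, token: str) -> list[str]:
    """Builds the statement by concatenation: quotes in token are never neutralised,
    so the client controls part of the WHERE clause."""
    sql = f"SELECT device FROM api_tokens WHERE token = '{token}'"
    return [row[0] for row in conn.execute(sql)]


def lookup_parameterized(conn: sqlite3.Connection, token: str) -> list[str]:
    """Binds token as a parameter: the driver sends it as data, so it is only ever
    compared against the column and never parsed as SQL."""
    sql = "SELECT device FROM api_tokens WHERE token = ?"
    return [row[0] for row in conn.execute(sql, (token,))]


# A value an unauthenticated client could place in a header or query parameter.
INJECTION = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("concatenated:", lookup_vulnerable(db, INJECTION))    # matches every row
    print("parameterised:", lookup_parameterized(db, INJECTION))  # matches nothing
```

With the concatenated query the payload turns the statement into `... WHERE token = '' OR '1'='1'`, which returns every row and thus behaves as if a valid token had been presented; with the bound parameter the same bytes are simply a token that does not exist. Escaping quotes by hand is the fragile alternative; binding parameters removes the parsing ambiguity entirely.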

The flaw was discovered by Kentaro Kawane from GMO Cybersecurity, who also disclosed a static hardcoded password vulnerability in Cisco ISE last month.
