CVE-2025-25257 – Fortinet FortiWeb SQL Injection Vulnerability

July 17, 2025

CVE ID : CVE-2025-25257

Published : July 17, 2025, 4:15 p.m. | 2 hours, 14 minutes ago

Description : An improper neutralization of special elements used in an SQL command (‘SQL Injection’) vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2023-47356 – Mingyu Security Gateway Remote Command Execution Vulnerability

Next Article CVE-2025-54066 – DiracX-Web Redirect Hijacking Vulnerability

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Too many open browser tabs? This is still my favorite solution – and has been for years

This new browser won’t monetize your every move – how to try it

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

The details of TC39’s last meeting

The details of TC39’s last meeting

Reclaim Space: Delete Docker Orphan Layers

Notes Android App Using SQLite

KeySmith – SSH key management

KeySmith – SSH key management

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

CVE-2025-25257 – Fortinet FortiWeb SQL Injection Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

The Anatomy of an RCE Attack : The Hacker’s Big Score

How INRIX accelerates transportation planning with Amazon Bedrock

CVE-2025-47573 – Mojoomla School Management SQL Injection

How to use Lottie animations

Rilasciato APT 3.0: il gestore di pacchetti software di Debian si rinnova

CVE-2025-5630 – D-Link DIR-816 Remote Stack-Based Buffer Overflow Vulnerability

CVE-2025-48866 – ModSecurity SanitizeArg Denial of Service Vulnerability

This tiny Bluetooth speaker delivers loud, distortion-free sound – and it’s on sale

CVE-2025-25257 – Fortinet FortiWeb SQL Injection Vulnerability

Related Posts