A critical SQL injection vulnerability (CVE-2025-25257) in Fortinet FortiWeb allows attackers to execute remote code without authentication, potentially leading to server compromise. The flaw has been publicly exploited through proof-of-concept tools, emphasizing the urgency for timely patching. #FortiWeb #SQLInjection
Keypoints
- A severe SQLi vulnerability affects Fortinet FortiWeb versions before 7.6.4 and others.
- Researchers demonstrated the ability to escalate SQL injection to remote code execution.
- The flaw resides in FortiWebโs Fabric Connectorโs handling of the Authorization header.
- Exploits involve injecting SQL that can write malicious files and trigger remote code execution.
- Fortinet has issued patches, and administrators are advised to update immediately to prevent exploitation.