CVE-2025-25257

CVSS 9.6 (Critical) · EPSS 96.7% · KEV · CWE-89
In short

FortiWeb versions 7.0 through 7.6 contain a SQL injection vulnerability that allows attackers to execute arbitrary SQL commands without authentication. This is critical because an attacker could access, modify, or delete sensitive database information.

Technical detail

A SQL injection vulnerability in FortiWeb allows unauthenticated attackers to inject SQL code through crafted HTTP/HTTPS requests, because user-supplied input is not properly neutralized before it reaches an SQL command. Affected versions are 7.0.0-7.0.10, 7.2.0-7.2.10, 7.4.0-7.4.7, and 7.6.0-7.6.3. Successful exploitation enables unauthorized database access and manipulation; the vulnerability is rated CVSS 9.6 (Critical).

Summary generated and translated by AI from the official description.
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.7, FortiWeb 7.2.0 through 7.2.10, FortiWeb 7.0.0 through 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPS requests.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C
Affected products
Fortinet · FortiWeb
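As an added example (not part of this advisory and not Fortinet's code), the following Python helper lets a defender triage an inventory of FortiWeb appliances against the affected version ranges listed above. The range boundaries come straight from the advisory; the hostnames and version strings in the sample inventory are constructed. Versions outside the listed ranges are simply not flagged, since the page does not state which builds contain the fix.

```python
"""Triage FortiWeb inventory entries against the CVE-2025-25257 affected ranges."""
import re

# Inclusive (low, high) version ranges exactly as listed in the advisory.
AFFECTED_RANGES = (
    ((7, 0, 0), (7, 0, 10)),
    ((7, 2, 0), (7, 2, 10)),
    ((7, 4, 0), (7, 4, 7)),
    ((7, 6, 0), (7, 6, 3)),
)

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Extract the first x.y.z version from strings such as '7.4.5',
    'v7.4.5' or 'FortiWeb 7.4.5 build 0123' and return it as an int tuple."""
    match = _VERSION_RE.search(text)
    if not match:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(part) for part in match.groups())


def is_affected(version_text):
    """True if the version lies inside any affected range (bounds inclusive).
    Tuple comparison is lexicographic, so 7.0.10 correctly sorts above 7.0.9."""
    version = parse_version(version_text)
    return any(low <= version <= high for low, high in AFFECTED_RANGES)


def triage(inventory):
    """Return the (hostname, version) pairs that need attention.
    Entries whose version string cannot be parsed are reported as well,
    so an unreadable record is never silently treated as safe."""
    exposed = []
    for hostname, version_text in inventory:
        try:
            if is_affected(version_text):
                exposed.append((hostname, version_text))
        except ValueError:
            exposed.append((hostname, f"UNPARSEABLE: {version_text}"))
    return exposed


# Constructed sample inventory (hypothetical hosts, not real systems).
SAMPLE_INVENTORY = [
    ("waf-edge-01", "FortiWeb v7.4.7 build 0001"),   # last build in an affected range
    ("waf-edge-02", "7.4.8"),                         # just outside the listed range
    ("waf-dc-01", "7.0.10"),                          # upper bound, inclusive
    ("waf-dc-02", "6.4.1"),                           # older major line, not listed
    ("waf-lab-01", "unknown"),                        # bad asset record
]

if __name__ == "__main__":
    for hostname, version in triage(SAMPLE_INVENTORY):
        print(f"{hostname}: {version}")
```

The parser tolerates the banner-style strings that appear in asset databases, and `triage` treats an unparseable version as a finding rather than dropping it, which is the conservative choice when the goal is to confirm exposure.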