← back
CVE-2025-59669

CVE-2025-59669

CVSS 4.8 MEDIUMEPSS 0.1%CWE-798
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.8EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
18 Nov 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A use of hard-coded credentials vulnerability in Fortinet FortiWeb 7.6.0, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow an authenticated attacker with shell access to the device to connect to redis service and access its data
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:U/RC:R
Affected products
Fortinet · FortiWeb

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →