CVE-2025-25257
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2025-25257. We'll provide specific mitigation strategies based on your environment and risk profile.
CVSS Score
V3.1Attack Vector Metrics
Impact Metrics
Description
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.
Available Exploits
Related News
A fresh vulnerability, CVE-2025-25257 (CVSS 9.6) in Fortinet’s FortiWeb Fabric Connector presents high risk globally. Although the CVE is still only in RESERVED status as of July 14th, 2025, it has already received a national CERT advisory from Belgium’s CERT…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Fortinet FortiWeb flaw, tracked as CVE-2025-25257, …
Hackers exploited a Fortinet FortiWeb flaw the same day a PoC was published, compromising dozens of systems. Hackers began exploiting a critical Fortinet FortiWeb flaw, tracked as CVE-2025-25257 (CVSS score of 9.6), on the same day a proof-of-concept (PoC) ex…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-25257 Fortinet FortiWeb SQL Injection Vulnerability These types of vulnerabilities are frequ…
Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as CVE-2025-25257. [...]
Known Exploited Vulnerability
This vulnerability is actively being exploited in the wild
Remediation Status
Due Date
Added to KEV
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Product
Ransomware Risk
EU Vulnerability Database
Monitored by ENISA for EU cybersecurity
ENISA Analysis
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.
Affected Products (ENISA)
ENISA Scoring
CVSS Score (3.1)
EPSS Score
ENISA References
Data provided by ENISA EU Vulnerability Database. Last updated: July 18, 2025
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
Advisory provided by GitHub Security Advisory Database. Published: July 17, 2025, Modified: July 17, 2025
Social Media Intelligence
Real-time discussions and threat intelligence from social platforms
Wer nutzt eigentlich noch CISCO? Cisco hat mal wieder eine neue Sicherheitslücke mit höchstem Schweregrad offengelegt, bei der Code mit erhöhten Berechtigungen ausgeführt werden kann. "These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted API request. A successful exploit …
🔥 Top 10 Trending CVEs (22/07/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-53816](https://nvd.nist.gov/vuln/detail/CVE-2025-53816)** - 📝 7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead to memory corruption and denial of service in …
🔥 Top 10 Trending CVEs (21/07/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-53771](https://nvd.nist.gov/vuln/detail/CVE-2025-53771)** - 📝 Microsoft SharePoint Server Spoofing Vulnerability - 📅 **Published:** 20/07/2025 - 📈 **CVSS:** 6.3 - 🧭 **Vector:** CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C - 📣 **Mentions:** 9 - 📝 **Analysis:** A SharePoint Server spoofing …
🔥 Top 10 Trending CVEs (20/07/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-53770](https://nvd.nist.gov/vuln/detail/CVE-2025-53770)** - 📝 Microsoft SharePoint Server Remote Code Execution Vulnerability - 📅 **Published:** 20/07/2025 - 📈 **CVSS:** 9.8 - 🧭 **Vector:** CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:W/RC:C - 📣 **Mentions:** 13 - ⚠️ **Priority:** 4 - …
🔥 Top 10 Trending CVEs (20/07/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-53770](https://nvd.nist.gov/vuln/detail/CVE-2025-53770)** - 📝 Microsoft SharePoint Server Remote Code Execution Vulnerability - 📅 **Published:** 20/07/2025 - 📈 **CVSS:** 9.8 - 🧭 **Vector:** CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:W/RC:C - 📣 **Mentions:** 13 - ⚠️ **Priority:** 4 - …
Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release
Fortinet FortiWeb Instances Under Attack Due to Public RCE Exploit **Multiple Fortinet FortiWeb instances have been compromised through a recently patched remote code execution flaw, posing a significant security threat.** **Key Points:** - Publicly disclosed exploits linked to critical RCE flaw (CVE-2025-25257) - Recent infections reported by The Shadowserver Foundation …