CVE-2025-25257

Known Exploited Public Exploit

Description

An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.

Remediation

Solution:

Please upgrade to FortiWeb version 7.6.4 or above Please upgrade to FortiWeb version 7.4.8 or above Please upgrade to FortiWeb version 7.2.11 or above Please upgrade to FortiWeb version 7.0.11 or above

References

Link	Tags
https://fortiguard.fortinet.com/psirt/FG-IR-25-151	vendor advisory
https://github.com/0xbigshaq/CVE-2025-25257	third party advisory

Frequently Asked Questions

What is the severity of CVE-2025-25257?: CVE-2025-25257 has been scored as a critical severity vulnerability.
How to fix CVE-2025-25257?: To fix CVE-2025-25257: Please upgrade to FortiWeb version 7.6.4 or above Please upgrade to FortiWeb version 7.4.8 or above Please upgrade to FortiWeb version 7.2.11 or above Please upgrade to FortiWeb version 7.0.11 or above
Is CVE-2025-25257 being actively exploited in the wild?: It is confirmed that CVE-2025-25257 is actively exploited. Be extra cautious if you are using vulnerable components. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-25257?: CVE-2025-25257 affects Fortinet FortiWeb.

Description

Remediation

Category

CWE-89 – Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

References

Frequently Asked Questions