dcontesti
Community Champion

Now-Patched Fortinet FortiWeb Flaw Exploited in Attacks to Create Admin Accounts

A write-up on the Fortinet exploit.

 

Fortinet finally published a security advisory on Friday for a critical FortiWeb path traversal vulnerability under active exploitation – but it appears digital intruders got a month's head start.

 

The bug, now tracked as CVE-2025-64446, allows unauthenticated attackers to execute administrative commands on Fortinet's web application firewall product and fully take over vulnerable devices. It's fully patched in FortiWeb version 8.0.2, but it didn't even have a CVE assigned to it until Friday, when the vendor admitted to having "observed this to be exploited in the wild."

 

https://thehackernews.com/2025/11/fortinet-fortiweb-flaw-actively.html?is=edd1d96d3b429ca7eaae0b1f51...