Fortinet Releases Patches for Critical Security Flaw in FortiWeb
CybersecurityFortinetFortiWebVulnerabilityPatchSQLInjectionCVE-2025-25257CVSSCWE-89
Fortinet has released patches for a critical security vulnerability affecting FortiWeb, which allows an unauthenticated attacker to execute arbitrary database commands on vulnerable instances. This vulnerability, listed under the number CVE-2025-25257, has a CVSS score of 9.6 out of 10. It is classified as a SQL injection (CWE-89).