CVE-2025-27759 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb version 7.6.0 through…
Medium CVSS: 6.7

CVE-2025-27759

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and before 7.0.10 allows an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI commands
Vendor
Fortinet
Product
Fortiweb
CWE
CWE-78
Yayın Tarihi
2025-08-12 19:15:28
Güncelleme
2025-08-14 01:21:25
Source Identifier
psirt@fortinet.com
KEV Date Added
-

Kategoriler

CWE-78 Fortiweb MEDIUM Fortinet 2025

Referanslar

https://fortiguard.fortinet.com/psirt/FG-IR-25-150