CVE-2025-58034 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortinet FortiWeb 8.0.0 th…
High KEV CVSS: 7.2

CVE-2025-58034

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands.
Vendor
Fortinet
Product
Fortiweb
CWE
CWE-78
Yayın Tarihi
2025-11-18 17:16:05
Güncelleme
2025-11-21 18:27:43
Source Identifier
psirt@fortinet.com
KEV Date Added
2025-11-18

Kategoriler

CWE-78 Fortiweb HIGH Fortinet 2025

Referanslar

https://fortiguard.fortinet.com/psirt/FG-IR-25-513 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-58034