CVE-2025-64446 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 thr…
Critical KEV CVSS: 9.8

CVE-2025-64446

A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.
Vendor
Fortinet
Product
Fortiweb
CWE
CWE-23
Yayın Tarihi
2025-11-14 16:15:58
Güncelleme
2025-11-21 18:27:33
Source Identifier
psirt@fortinet.com
KEV Date Added
2025-11-14

Kategoriler

CWE-23 Fortiweb CRITICAL Fortinet 2025

Referanslar

https://fortiguard.fortinet.com/psirt/FG-IR-25-910 https://github.com/watchtowrlabs/watchTowr-vs-Fortiweb-AuthBypass https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-64446