Fortinet hit again by zero-day vulnerability in FortiWeb
Briefly

"The Register has already reported on the vulnerability. The vulnerability, registered as CVE-2025-58034, allows logged-in attackers to execute their own code on the device via manipulated HTTP requests or CLI commands. An upgrade to the latest FortiWeb version is necessary to eliminate the risk. According to Fortinet, the flaw is being actively exploited. Researchers at Trend Micro report that they have now observed thousands of attempts by attackers to exploit the vulnerability."
"Fortinet did not share any further details about who is behind the attacks. The company has not reported how widespread the abuse is. However, the question remains whether this new flaw is related to another leak in FortiWeb. That earlier vulnerability, CVE-2025-64446, makes it possible to bypass authentication and execute commands on the system without login credentials. That problem was also exploited by attackers before a patch was available."
A second zero-day in FortiWeb, tracked as CVE-2025-58034, permits logged-in attackers to execute code via manipulated HTTP requests or CLI commands. Fortinet released an update to address the flaw. Trend Micro observed thousands of exploitation attempts, and Fortinet reports active exploitation. CISA added the vulnerability to its known actively exploited list and mandated a one-week patch deadline for government agencies. An earlier FortiWeb vulnerability, CVE-2025-64446, allowed authentication bypass and pre-patch exploitation. Security researchers warn that the two flaws can be combined, enabling attackers to bypass login procedures and then execute commands within authenticated sessions.
Read at Techzine Global