{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2025-024.pdf"
    },
    "title": "Critical Vulnerability in FortiWeb",
    "serial_number": "2025-024",
    "publish_date": "11-07-2025 09:47:08",
    "description": "On July 8, 2025, Fortinet released a security advisory addressing a critical vulnerability in its FortiWeb product that would allow an attacker to execute unauthorised code or commands on the affected systems.<br>\nIt is recommended to mitigate this vulnerability as soon as possible.<br>\n",
    "url_title": "2025-024",
    "content_markdown": "---    \ntitle: 'Critical Vulnerability in\u00a0FortiWeb'\nnumber: '2025-024'\nversion: '1.0'\noriginal_date: '2025-07-08'\ndate: '2025-07-11'\n---\n\n_History:_\n\n* _11/07/2025 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn July 8, 2025, Fortinet released a security advisory addressing a critical vulnerability in its FortiWeb product that would allow an attacker to execute unauthorised code or commands on the affected systems.\n\nIt is recommended to mitigate this vulnerability as soon as possible.\n\n# Technical Details\n\nThe vulnerability **CVE-2025-25257**, with a CVSS score of 9.6, is due to an improper neutralisation of special elements used in an SQL command. It may allow an unauthenticated attacker to execute unauthorised SQL code or commands via crafted HTTP or HTTPS requests.\n\n# Affected Products\n\nThe following product versions are affected by the vulnerability:\n\n- FortiWeb 7.6, versions 7.6.0 through 7.6.3\n- FortiWeb 7.4, versions 7.4.0 through 7.4.7\n- FortiWeb 7.2, versions 7.2.0 through 7.2.10\n- FortiWeb 7.0, versions 7.0.0 through 7.0.10\n\n# Recommendations\n\nIt is recommended to update affected devices as soon as possible.\n\n## Mitigation\n\nIt is possible to mitigate this vulnerability by disabling the HTTP/HTTPS administrative interface.\n\n# References\n\n[1] <https://fortiguard.fortinet.com/psirt/FG-IR-25-151>",
    "content_html": "<p><em>History:</em></p><ul><li><em>11/07/2025 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On July 8, 2025, Fortinet released a security advisory addressing a critical vulnerability in its FortiWeb product that would allow an attacker to execute unauthorised code or commands on the affected systems.</p><p>It is recommended to mitigate this vulnerability as soon as possible.</p><h2 id=\"technical-details\">Technical Details</h2><p>The vulnerability <strong>CVE-2025-25257</strong>, with a CVSS score of 9.6, is due to an improper neutralisation of special elements used in an SQL command. It may allow an unauthenticated attacker to execute unauthorised SQL code or commands via crafted HTTP or HTTPS requests.</p><h2 id=\"affected-products\">Affected Products</h2><p>The following product versions are affected by the vulnerability:</p><ul><li>FortiWeb 7.6, versions 7.6.0 through 7.6.3</li><li>FortiWeb 7.4, versions 7.4.0 through 7.4.7</li><li>FortiWeb 7.2, versions 7.2.0 through 7.2.10</li><li>FortiWeb 7.0, versions 7.0.0 through 7.0.10</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>It is recommended to update affected devices as soon as possible.</p><h3 id=\"mitigation\">Mitigation</h3><p>It is possible to mitigate this vulnerability by disabling the HTTP/HTTPS administrative interface.</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://fortiguard.fortinet.com/psirt/FG-IR-25-151\">https://fortiguard.fortinet.com/psirt/FG-IR-25-151</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}