Exploit for CVE-2025-25257
Description

CVE-2025-25257: FortiWeb Critical SQL Injection Vulnerability 🔥

🧠 Overview

- Vulnerability Type: Unauthenticated SQL Injection
- Component Affected: FortiWeb GUI / Fabric Connector API
- CVSS Score: 9.6 to 9.8 (Critical)
- CWE: CWE-89, Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
- Discovered & Patched: July 2025
- Exploitation Status: Proof-of-concept publicly available; in-the-wild exploitation expected

🛠 Affected Versions

| FortiWeb Version | Affected Range    | Fixed Version   |
| ---------------- | ----------------- | --------------- |
| 7.6              | 7.6.0 to 7.6.3    | 7.6.4 or later  |
| 7.4              | 7.4.0 to 7.4.7    | 7.4.8 or later  |
| 7.2              | 7.2.0 to 7.2.10   | 7.2.11 or later |
| 7.0              | 7.0.0 to 7.0.10   | 7.0.11 or later |

🚨 Technical Details

The vulnerability lets an unauthenticated attacker inject SQL through crafted HTTP/HTTPS requests; no login is required. One of the vulnerable endpoints is /api/fabric/device/status, where the value of the Authorization: Bearer header reaches a backend SQL query without proper sanitization, so a crafted token is executed as SQL. Potential impact includes full compromise of the backend database, data theft, and remote code execution via SELECT … INTO OUTFILE or similar file-write techniques.

🔍 Risk

- Attack Vector: Remote, no authentication required
- Impact: Full access to the FortiWeb backend DB, possible system compromise
- Threat Level: Critical, especially since FortiWeb is itself a security appliance

🧩 Mitigation Steps

- Patch immediately to the fixed version corresponding to your FortiWeb release.
- Restrict or disable HTTP/HTTPS access to…
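As an added, self-contained illustration (not Fortinet's code and not the public proof-of-concept), the Python below does three things a defender would want after reading the advisory: it checks a FortiWeb version string against the affected-range table, it models the CWE-89 bug class with a throwaway sqlite3 table (a Bearer value concatenated into SQL, beside the parameterized fix), and it hunts constructed access-log lines for Bearer values that carry SQL. The table schema, the lookup query, the legitimate-token shape, the log format and every log line are assumptions made for this example; only the endpoint, the injection point and the version table come from the advisory.

```python
"""
Worked illustration for CVE-2025-25257 (FortiWeb, CWE-89).

Added example, NOT Fortinet's code and NOT the public proof-of-concept. The
facts taken from the advisory are: the endpoint /api/fabric/device/status,
the injection point (the Authorization: Bearer header) and the
affected-version table. The sqlite3 schema, the token lookup query, the
log format and every log line below are constructed/hypothetical.
"""
import re
import sqlite3

# Affected-version table from the advisory:
# (major, minor) -> (first affected patch level, first fixed patch level).
AFFECTED = {
    (7, 6): (0, 4),
    (7, 4): (0, 8),
    (7, 2): (0, 11),
    (7, 0): (0, 11),
}


def is_affected(version: str) -> bool:
    """True if a FortiWeb version string such as '7.4.7' falls in an affected range."""
    major, minor, patch = (int(x) for x in version.split("."))
    rng = AFFECTED.get((major, minor))
    return rng is not None and rng[0] <= patch < rng[1]


# --- Toy model of the bug class ---------------------------------------------
def make_db() -> sqlite3.Connection:
    """Constructed in-memory table standing in for the appliance's token store."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE fabric_device (token TEXT, name TEXT)")
    con.execute("INSERT INTO fabric_device VALUES ('s3cr3t-token', 'fgt-01')")
    return con


def lookup_vulnerable(con: sqlite3.Connection, bearer: str) -> list:
    """Hypothetical CWE-89 pattern: the Bearer value is concatenated into SQL,
    so a token such as  ' OR '1'='1  matches every row and bypasses the check."""
    query = "SELECT name FROM fabric_device WHERE token = '%s'" % bearer
    return [row[0] for row in con.execute(query)]


def lookup_fixed(con: sqlite3.Connection, bearer: str) -> list:
    """Hardened form: the token travels as a bound parameter, never as SQL text."""
    query = "SELECT name FROM fabric_device WHERE token = ?"
    return [row[0] for row in con.execute(query, (bearer,))]


# --- Hunting for exploitation attempts in access logs ------------------------
# Assumption: a legitimate Fabric Connector bearer token is one opaque string
# of letters, digits, '.', '_' and '-'. Anything else is suspect.
TOKEN_OK = re.compile(r"^[A-Za-z0-9._-]+$")
SQL_MARKERS = re.compile(r"['\";]|--|/\*|\b(select|union|outfile|sleep|benchmark)\b", re.I)

# Constructed log format (real FortiWeb logs do not look like this):
#   <client> <method> <path> bearer=<token> <status>
LOG_RE = re.compile(r"^(\S+) (\S+) (\S+) bearer=(.*?) (\d{3})$")


def suspicious_requests(log_lines):
    """Return one dict per request whose Bearer value looks like an injection.
    The advisory calls /api/fabric/device/status *one of* the vulnerable
    endpoints, so the header is inspected on every path; the path is reported
    rather than used as a filter."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, method, path, token, status = m.groups()
        if TOKEN_OK.match(token):
            continue
        reason = "sql-metachar" if SQL_MARKERS.search(token) else "malformed-token"
        hits.append({"client": client, "path": path, "token": token,
                     "status": int(status), "reason": reason})
    return hits


# Constructed sample: one benign request, two attempts against the advisory's
# endpoint, one attempt elsewhere, and a request with an empty token.
SAMPLE_LOG = [
    "10.0.0.5 GET /api/fabric/device/status bearer=s3cr3t-token 200",
    "198.51.100.7 GET /api/fabric/device/status bearer=' OR '1'='1 200",
    "198.51.100.7 GET /api/fabric/device/status bearer=x' UNION SELECT 1,2 INTO OUTFILE '/tmp/x 500",
    "198.51.100.8 GET /api/system/status bearer=' OR '1'='1 401",
    "10.0.0.9 GET /api/fabric/device/status bearer= 401",
]


if __name__ == "__main__":
    for v in ("7.6.3", "7.6.4", "7.2.10"):
        print(v, "affected" if is_affected(v) else "not affected")
    con = make_db()
    print("vulnerable:", lookup_vulnerable(con, "' OR '1'='1"))  # ['fgt-01']
    print("fixed:     ", lookup_fixed(con, "' OR '1'='1"))       # []
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit["reason"], hit["client"], hit["path"], repr(hit["token"]))
```

The version check encodes the table above and is the quickest triage step; the two lookup functions show why a parameter binding, not input filtering, closes this bug class; and the log hunt treats any non-opaque Bearer value as suspect on every path, since the advisory names /api/fabric/device/status as only one of the vulnerable endpoints.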
