ГлавнаяУязвимости → CVE-2025-64446
9.8критическая

CVE-2025-64446

Описание

A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.

Затрагиваемое ПО
Fortinet Fortiweb
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://fortiguard.fortinet.com/psirt/FG-IR-25-910https://github.com/watchtowrlabs/watchTowr-vs-Fortiweb-AuthBypasshttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-64446