PT-2025-47361 · Fortinet · FortiWeb

Published

2025-11-18

·

Updated

2026-02-21

·

CVE-2025-58034

CVSS v2.0
9.0
Vector AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Fortinet FortiWeb versions 7.0.0 through 7.0.11
Fortinet FortiWeb versions 7.2.0 through 7.2.11
Fortinet FortiWeb versions 7.4.0 through 7.4.10
Fortinet FortiWeb versions 7.6.0 through 7.6.5
Fortinet FortiWeb versions 8.0.0 through 8.0.1
Description Fortinet FortiWeb is affected by an OS command injection vulnerability (Improper Neutralization of Special Elements used in an OS Command). An authenticated attacker can execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands. The flaw is caused by insufficient validation of user-supplied input, which lets the attacker inject arbitrary commands; the affected component is the policy scripting post handler. The vulnerability is exploited in the wild, and CISA has added it to its Known Exploited Vulnerabilities (KEV) Catalog; approximately 1,500 exposed instances have been observed. Successful exploitation gives full system control and can lead to data breaches and ransomware deployment. Note that exploitation requires valid credentials (CVSS vector Au:S), so the practical risk is highest where the management interface is reachable from untrusted networks or where administrator credentials are weak or reused.
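
The weakness class described above, shown as an added example that is not FortiWeb code and not part of this advisory: a hypothetical diagnostic handler that takes a host name from an HTTP parameter and concatenates it into a shell command, beside a hardened version that validates the value and never invokes a shell. The handler names, the parameter and the use of `echo` as a stand-in for the real diagnostic command are assumptions for illustration.

```python
"""Added CWE-78 illustration, not FortiWeb code. A hypothetical handler that
builds a shell command from an attacker-controlled value, beside a hardened
version. `echo` stands in for the real diagnostic command (assumption)."""
import re
import subprocess

# Allowlist for a host name: letters, digits, dots and hyphens only. Shell
# metacharacters (; | & ` $ ( ) and newline) can never match this pattern.
HOST_RE = re.compile(r"^[A-Za-z0-9.-]{1,253}$")


def vulnerable_handler(host: str) -> str:
    # VULNERABLE: the request value is concatenated into a command string and
    # handed to /bin/sh. A value like "example.com; echo INJECTED" terminates
    # the intended command at ';' and runs whatever follows it.
    cmd = "echo probing " + host
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout


def exec_without_shell(host: str) -> str:
    # Layer 2: no shell at all. argv is passed straight to the program, so the
    # value is exactly one argument however many metacharacters it contains.
    out = subprocess.run(["echo", "probing", host], capture_output=True, text=True)
    return out.stdout


def hardened_handler(host: str) -> str:
    # Layer 1: reject anything that is not a plausible host name, then run
    # without a shell. Either layer alone defeats this injection; both together
    # also keep garbage out of the downstream command.
    if not HOST_RE.fullmatch(host):
        raise ValueError("invalid host name")
    return exec_without_shell(host)


def is_rejected(host: str) -> bool:
    """True when the hardened handler refuses the value."""
    try:
        hardened_handler(host)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    payload = "example.com; echo INJECTED"  # constructed attacker input
    print("vulnerable :", repr(vulnerable_handler(payload)))
    print("no shell   :", repr(exec_without_shell(payload)))
    print("hardened   :", "rejected" if is_rejected(payload) else "accepted")
```

The point to take from the two handlers is that the injected `echo INJECTED` runs only when a shell interprets the concatenated string; with an argv list the same payload is just an odd-looking host name, and with the allowlist in front of it the request never reaches the command at all.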
Recommendations
Fortinet FortiWeb versions 7.0.0 through 7.0.11: Apply the latest available patch for the 7.0 branch.
Fortinet FortiWeb versions 7.2.0 through 7.2.11: Apply the latest available patch for the 7.2 branch.
Fortinet FortiWeb versions 7.4.0 through 7.4.10: Apply the latest available patch for the 7.4 branch.
Fortinet FortiWeb versions 7.6.0 through 7.6.5: Apply the latest available patch for the 7.6 branch.
Fortinet FortiWeb versions 8.0.0 through 8.0.1: Apply the latest available patch for the 8.0 branch.
Until the patch is applied, restrict access to the management interface (HTTP/HTTPS and CLI) to trusted networks, since exploitation requires authentication. Because the vulnerability is exploited in the wild, review administrator accounts and appliance logs on affected devices for unexpected activity rather than assuming the patch alone is sufficient.
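
A version triage helper for the ranges listed above, added here as an example rather than Fortinet or PT tooling. It extracts a major.minor.patch triple from a free-form inventory line (the line format and host names are constructed samples, and the assumption is only that the string contains such a triple somewhere) and reports whether the build falls inside one of the affected ranges on this page, is on a listed branch but outside the range, or is on a branch the advisory does not mention and therefore cannot be cleared by this check.

```python
"""Added example: triage FortiWeb version strings against the affected ranges
stated in this advisory (PT-2025-47361 / CVE-2025-58034). Not vendor tooling;
inventory lines are constructed samples (assumption: each contains a dotted
major.minor.patch triple)."""
import re
from typing import Dict, Iterable, Optional, Tuple

Version = Tuple[int, int, int]

# Affected ranges exactly as listed on this page, inclusive at both ends.
AFFECTED_RANGES = [
    ((7, 0, 0), (7, 0, 11)),
    ((7, 2, 0), (7, 2, 11)),
    ((7, 4, 0), (7, 4, 10)),
    ((7, 6, 0), (7, 6, 5)),
    ((8, 0, 0), (8, 0, 1)),
]

_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\b")


def extract_version(text: str) -> Optional[Version]:
    """Return the first major.minor.patch triple found in the string, or None."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def classify(version_text: str) -> str:
    """'affected', 'not affected', 'branch not listed' or 'unparseable'."""
    v = extract_version(version_text)
    if v is None:
        return "unparseable"
    for lo, hi in AFFECTED_RANGES:
        if lo <= v <= hi:  # tuple comparison is lexicographic, so 7.4.10 > 7.4.9
            return "affected"
    # A build above the affected range on a listed branch is clear. A branch the
    # advisory never mentions (e.g. 7.1.x) is NOT clear by this check; it has to
    # be looked up in the vendor advisory.
    if any(v[:2] == lo[:2] for lo, _ in AFFECTED_RANGES):
        return "not affected"
    return "branch not listed"


# Constructed sample inventory, not real hosts.
SAMPLE_INVENTORY = [
    "fw-edge-01  FortiWeb 7.6.5",
    "fw-edge-02  FortiWeb 7.6.6",
    "fw-dc-01    FortiWeb 8.0.1",
    "fw-lab-01   FortiWeb 7.1.3",
]


def triage(lines: Iterable[str]) -> Dict[str, str]:
    """Map the first token of each inventory line (the host) to its status."""
    return {line.split()[0]: classify(line) for line in lines}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

The third outcome matters in practice: a fleet report that silently marks every unlisted branch as "not affected" hides exactly the devices nobody has checked.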

Fix

RCE

OS Command Injection

Weakness Enumeration

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Related Identifiers

BDU:2025-14466
CVE-2025-58034
ZDI-25-1014

Affected Products

FortiWeb