Fortinet on Tuesday disclosed a second zero-day vulnerability in its FortiWeb product line, less than a week after revealing a different flaw in its web application firewall (WAF) line had been ...
Fortinet has confirmed that it has silently patched a critical zero-day vulnerability in its FortiWeb web application firewall, which is now "massively exploited in the wild." The flaw was silently ...
A Fortinet FortiWeb path traversal vulnerability is being actively exploited to create new administrative users on exposed devices without requiring authentication. The issue is fixed in FortiWeb ...
CVE-2025-64446 allows unauthenticated attackers to run admin commands on FortiWeb WAF systems Actively exploited in the wild; affects versions 7.0.0–8.0.1, patched in 8.0.2 CISA added it to KEV; ...
Only days after Fortinet was criticized by researchers for ‘silently’ patching a zero-day vulnerability without informing its customers, it has emerged that it did the same for a second zero-day that ...
Fortinet has uncovered a bug in its FortiWeb firewall offering, the second issue to be reported with the product in a month. First reported by The Register, the vulnerability (CVE-2025-58034) could ...
Attackers have repeatedly targeted Fortinet's Web Application Firewall (WAF) FortiWeb. There is now a security patch. However, other products from the network security appliance vendor are still ...
Researchers say the flaw, affecting thousands of internet-facing FortiWeb instances, was exploited long before Fortinet disclosed or rated its severity. Security researchers are warning about two ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback