CVE-2025-47856 – Fortinet FortiVoice OS Command Injection

CVE ID : CVE-2025-47856

Published : Oct. 14, 2025, 2:15 p.m. | 24 minutes ago

Description : Two improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerabilities [CWE-78] in Fortinet FortiVoice version 7.2.0, 7.0.0 through 7.0.6 and before 6.4.10 allows a privileged attacker to execute arbitrary code or commands via crafted HTTP/HTTPS or CLI requests.

Severity: 7.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…