{"id":66458,"date":"2025-07-17T20:32:09","date_gmt":"2025-07-17T17:02:09","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-25257-fortinet-fortiweb-sql-injection-vulnerability\/"},"modified":"2025-07-17T20:32:09","modified_gmt":"2025-07-17T17:02:09","slug":"cve-2025-25257-fortinet-fortiweb-sql-injection-vulnerability","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-25257-fortinet-fortiweb-sql-injection-vulnerability\/","title":{"rendered":"CVE-2025-25257 &#8211; Fortinet FortiWeb SQL Injection Vulnerability"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-25257<br \/>\n<br \/>\n<strong>Published : <\/strong> July 17, 2025, 4:15 p.m. | 25\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>An improper neutralization of special elements used in an SQL command (&#8216;SQL Injection&#8217;) vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 9.8 | CRITICAL<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-25257 Published : July 17, 2025, 4:15 p.m. | 25\u00a0minutes ago Description : An improper neutralization of special elements used in an SQL command (&#8216;SQL Injection&#8217;) vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-66458","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/66458","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=66458"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/66458\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=66458"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=66458"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=66458"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}