6 matches found
Metasploit Wrap-Up 11/21/2025
CVE-2025-64446 - Fortinet’s FortiWeb exploitation A critical vulnerability in Fortinet’s FortiWeb Web Application Firewall, now assigned CVE-2025-64446 CVSS 9.1, allows unauthenticated attackers to gain full administrator access to the FortiWeb Manager interface and its websocket CLI. The flaw...
CVE-2025-64446: Critical Vulnerability in Fortinet FortiWeb Exploited in the Wild
Overview On October 6, 2025, the cyber deception company Defused published a proof-of-concept exploit on social media that was captured by one of their Fortinet FortiWeb Manager honeypots. FortiWeb is a Web Application Firewall WAF product that is designed to detect and block malicious traffic to...
The vulnerability of the software for centralized management of FortiWeb Manager firewalls lies in the lack of authentication procedures, which allows a perpetrator to execute arbitrary codes or commands.
The vulnerability of the FortiWeb Manager software for centralized control of network firewalls is related to deficiencies in its authentication procedures. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands or scripts by sending specially crafted HTTP requests o...
The vulnerability of the software for centralized management of FortiWeb Manager firewalls lies in the authentication procedures’ deficiencies, which allow an attacker to gain access to read, modify, or delete data.
The vulnerability of the FortiWeb Manager software for centralized control of network firewalls is related to deficiencies in its authentication procedures. Exploiting this vulnerability could allow an attacker to gain access to read, modify, or delete data by sending specially crafted HTTP...
The vulnerability of the software for centralized management of FortiWeb Manager firewalls lies in the authentication procedures’ deficiencies, which allow an attacker to gain access to read, modify, or delete data.
The vulnerability of the FortiWeb Manager software for centralized control of network firewalls is related to deficiencies in its authentication procedures. Exploiting this vulnerability could allow an attacker to gain access to read, modify, or delete data by sending specially crafted HTTP...
The vulnerability of the software interface of the FortiWeb Manager, a centralized control system for network switches, relates to access control deficiencies, allowing an intruder to gain access to the system using an administrator account.
The vulnerability of the software interface for centralized control of network switches, FortiWeb Manager, is related to the lack of password verification for the admin account. Exploiting this vulnerability could allow a malicious actor, operating remotely and having access to the web interface,...