Exploit for CVE-2025-49132

CVE-2025-49132 PoC Improved This is an improved version of...

Salty Seagull: a VSAT Honeynet to Follow the Bread Crumb of Attacks in Ship Networks

Cyber threats against the maritime industry have increased notably in recent years, highlighting the need for innovative cybersecurity approaches. Ships, as critical assets, possess highly specialized and interconnected network infrastructures, where their legacy systems and operational constrain...

CVE-2025-27759

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and before 7.0.10 allows an authenticated privileged attacker to execute unauthorized code o...

CVE-2024-40588

Multiple relative path traversal vulnerabilities CWE-23 vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versions, FortiCamera 1.0 all versions, FortiMail 7.6.0 through 7.6.1, FortiMail 7.4.0 through 7.4.3, FortiMail 7.2 all versions, FortiMail 7.0 al...

CVE-2025-20220

A vulnerability in the CLI of Cisco Secure Firewall Management Center FMC Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper inp...

CVE-2025-20220

A vulnerability in the CLI of Cisco Secure Firewall Management Center FMC Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper inp...

CVE-2025-32766

A stack-based buffer overflow vulnerability CWE-121 in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or commands via crafted CLI commands...

CVE-2025-27759

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and before 7.0.10 allows an authenticated privileged attacker to execute unauthorized code o...

CVE-2025-25256

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute...

CVE-2024-40588

Multiple relative path traversal vulnerabilities CWE-23 vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versions, FortiCamera 1.0 all versions, FortiMail 7.6.0 through 7.6.1, FortiMail 7.4.0 through 7.4.3, FortiMail 7.2 all versions, FortiMail 7.0 al...

CVE-2024-40588

Multiple relative path traversal vulnerabilities CWE-23 vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versions, FortiCamera 1.0 all versions, FortiMail 7.6.0 through 7.6.1, FortiMail 7.4.0 through 7.4.3, FortiMail 7.2 all versions, FortiMail 7.0 al...

CVE-2025-47857

A improper neutralization of special elements used in an os command 'os command injection' vulnerability CWE-78 in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or command via crafted CLI commands...

CVE-2025-27759

Fortinet FortiWeb is affected by an OS Command Injection vulnerability (CWE-78) due to improper neutralization of special elements. Impactable when an authenticated privileged attacker crafts CLI commands to execute arbitrary code on affected versions. Affected software: FortiWeb 7.6.0–7.6.3, 7.4...

CVE-2025-32766

A stack-based buffer overflow vulnerability CWE-121 in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or commands via crafted CLI commands...

CVE-2025-25256

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute...

CVE-2024-40588

Multiple relative path traversal vulnerabilities CWE-23 vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versions, FortiCamera 1.0 all versions, FortiMail 7.6.0 through 7.6.1, FortiMail 7.4.0 through 7.4.3, FortiMail 7.2 all versions, FortiMail 7.0 al...

Fortinet FortiWeb CLI 操作系统命令注入漏洞

Fortinet FortiWeb CLI is a command line interface from Fortinet, Inc. An operating system command injection vulnerability exists in Fortinet FortiWeb CLI versions 7.6.0 through 7.6.3 and prior to 7.4.8, which stems from vulnerability to os command injection attacks...

PT-2025-32877 · Fortinet · Fortiweb Cli

Name of the Vulnerable Software and Affected Versions: Fortinet FortiWeb CLI versions 7.6.0 through 7.6.3 Fortinet FortiWeb CLI versions prior to 7.4.8 Description: A stack-based buffer overflow vulnerability allows a privileged attacker to execute arbitrary code or commands via crafted CLI...

The vulnerability of the CLI component of the FortiOS operating system for FortiGate network interfaces allows a hacker to disclose sensitive information.

The vulnerability of the CLI component of the FortiOS operating system and the FortiGate network interface devices is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

PT-2025-32184 · Eaton · Eaton Cli

Name of the Vulnerable Software and Affected Versions: Eaton CLI affected versions not specified Description: An attacker with authenticated and privileged access could modify the contents of a non-sensitive file by traversing the path in the limited shell of the command-line interface CLI...