OS command injection vulnerability in Fortinet FortiWeb allowing authenticated attackers to execute unauthorized code via crafted HTTP requests or CLI commands. FortiWeb is a web application firewall that is almost universally deployed as an internet-facing service to protect web applications.
Data Source: CIRCL
Confidence: HIGH
Exploitation Method: DIRECT_NETWORK
CVE Published: 2025-11-18
Added to CISA KEV: 2025-11-18 (0 days between CVE publication and KEV addition)
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, and FortiWeb 7.0.0 through 7.0.11 may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands.
CVE-2025-58034 is a high-severity OS command injection vulnerability in Fortinet FortiWeb, potentially allowing authenticated attackers to run arbitrary commands on the underlying system. FortiWeb is Fortinet's dedicated web application firewall, widely deployed to protect web applications from a range of attacks.
Today, Fortinet released security updates to patch a new FortiWeb zero-day vulnerability that threat actors are actively exploiting in attacks. Tracked as CVE-2025-58034, this web application ...