Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
July 11, 2025
1 min read
●
The Hacker News

Fortinet has released fixes for a critical security flaw impacting FortiWeb. The flaw could enable an unauthenticated attacker to run arbitrary database commands. Tracked as CVE-2025-25257, the vulnerability carries a CVSS score of 9.6.