Summary: Proof-of-Concept (PoC) exploits have been released for a vulnerability in Fortinet FortiWeb that WaterISAC drew awareness to in last week’s SRU. The high-severity vulnerability could allow a remote attacker to exploit vulnerable FortiWeb web application firewalls (WAFs) to achieve pre-authenticated remote code execution (CVE-2025-25257).
Analyst Note: WaterISAC is sharing this information to draw additional awareness to this high-severity vulnerability. Since PoC exploits have been publicly disclosed, risks of exploitation rise due to additional malicious actors’ likelihood of replicating the exploit, especially in high-severity vulnerabilities that are relatively easy to implement such as this one. Members are encouraged to patch systems immediately and refer to Fortinet’s advisory for applicable update information and mitigations.
Original Source: https://www.bleepingcomputer.com/news/security/exploits-for-pre-auth-fortinet-fortiweb-rce-flaw-released-patch-now/
Additional Reading:
Mitigation Recommendations:
Related WaterISAC PIRs: 6, 8, 12