CVE-2025-58034
Published Nov 18, 2025
Last updated 14 days ago
AI description
CVE-2025-58034 is an OS command injection vulnerability affecting Fortinet FortiWeb. It may allow an authenticated attacker to execute unauthorized code on the underlying system. This can be achieved through crafted HTTP requests or CLI commands. Fortinet has released security updates to address this zero-day vulnerability, which has been actively exploited in attacks. It was reported by Jason McFadyen from Trend Micro's Trend Research team. Administrators are advised to upgrade their FortiWeb devices to the latest available software versions to block potential attacks.
- Description
- An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands.
- Source
- psirt@fortinet.com
- NVD status
- Analyzed
- Products
- fortiweb
CVSS 3.1
- Type
- Secondary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Fortinet FortiWeb OS Command Injection Vulnerability
- Exploit added on
- Nov 18, 2025
- Exploit action due
- Nov 25, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- psirt@fortinet.com
- CWE-78
Fortinet reported two critical flaws in FortiWeb: CVE-2025-64446, a Relative Path Traversal that allows command execution via HTTP/HTTPS, and the vulnerability CVE-2025-58034. More information: https://t.co/jr8OYpTM9v #PorUnEcuadorCiberseguro @Arcotel_ec @CsirtCEDIA @CsirtEPN
@EcuCERT_EC
4 Dec 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiWeb alert: two exploited flaws, path traversal (CVE-2025-64446) and OS command injection (CVE-2025-58034), also affect unsupported 6.x. Silent patching hampered defenders. Thoughts? #FortiWeb_vulnerabilidades_explotadas https://t.co/h16Bx0JYj0
@CyberDailyPost
2 Dec 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical command-injection flaw, CVE-2025-58034, in Fortinet FortiWeb is being actively exploited in the wild. Attackers can gain full system control, leading to massive data breach, ransomware, and multi-million losses. CISA added this to its Known Exploited Vulnerabilities-
@cyberpinnacleuk
2 Dec 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CISA KEV alert 25/11/18: FortiWeb vulnerability CVE-2025-58034 added https://t.co/GCjGPTHXrc From this article, the FortiWeb OS command injection vulnerability CVE-2025-58034, CISA KEV
@iototsecnews
1 Dec 2025
150 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiWeb CVE-2025-58034 Vulnerability Exploited in the Wild Fortinet warns of new security flaw in FortiWeb that has been exploited in the wild. Vulnerability: CVE-2025-58034. CVSS score: 6.7/10.0. Potential impact: authenticated attacker can execute malicious code. #FortiWeb ht
@HackonomicNews
28 Nov 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New 0-day in FortiWeb (CVE-2025-58034) actively exploited. Patching quickly is key to avoiding critical compromises. #Ciberseguridad #Fortinet https://t.co/xthSlKgzuq
@trustlock_sec
27 Nov 2025
37 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Warning: Two critical vulnerabilities in #Fortinet #Fortiweb are actively exploited. CVE-2025-58034 and CVE-2025-64446 can be chained together to achieve remote code execution. Check our updated advisories https://t.co/GboGlwR20Q & https://t.co/Bic3EKtppP #RCE! #Patch #Patch
@CCBalert
26 Nov 2025
210 Impressions
2 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-58034
@transilienceai
26 Nov 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-58034
@transilienceai
25 Nov 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Fortinet has recently disclosed a second zero-day vulnerability in its FortiWeb products. This vulnerability, numbered CVE-2025-58034, allows attackers to execute code on the
@Cyber_Sonar
24 Nov 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New zero-day vulnerability in FortiWeb. Fortinet has issued a warning about a new zero-day vulnerability, tracked as CVE-2025-58034, that affects the FortiWeb firewall protecting web applications. Fortinet vulnerability FortiWeb CV
@linuxmint_hun
24 Nov 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Alert: Metasploit releases exploit module for critical FortiWeb vulnerabilities (CVE-2025-64446 & CVE-2025-58034). Immediate patching to version 8.0.2+ is crucial. Link: https://t.co/Ek87OAERvg #Security #Exploit #Vulnerabilities #Cyber #Patch #Fortinet #Updates #Hacking http
@dailytechonx
23 Nov 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 Fortinet Woes Continue With Another WAF Zero-Day Flaw- FortiWeb hit with second zero-day in a week- Latest CVE-2025-58034 added to CISA’s KEV catalog- Nation-state and cybercriminal attacks targeting Fortinet stack up https://t.co/XaVNj9vJLZ
@joebeatman
23 Nov 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New #Metasploit module just weaponized two FortiWeb 0-days — CVE-2025-64446 & CVE-2025-58034. Attackers can now go from no auth → full root RCE in seconds. Read More: https://t.co/DgOgJG3nAt #CyberSecurity #Fortinet #Canada #CanadaCyberAwareness https://t.co/oSTL
@FindSecCyber
23 Nov 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A module for those FortiWeb zero-day vulnerabilities has been added to Metasploit. It chains CVE-2025-64446 and CVE-2025-58034 to enable remote code execution. It is named exploit/linux/http/fortinet_fortiweb_rce. https://t.co/iQAM1txuQG
@__kokumoto
23 Nov 2025
2474 Impressions
2 Retweets
37 Likes
13 Bookmarks
0 Replies
0 Quotes
Fortinet Warns of New FortiWeb CVE-2025-58034 Vulnerability Exploited in the Wild https://t.co/JsOADACY1g via @TheHackersNews
@jackgoesvirtual
22 Nov 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
exploit module for Fortinet FortiWeb (CVE-2025-64446 + CVE-2025-58034) https://t.co/sunlFe4r1S
@tdatwja
22 Nov 2025
189 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🧵 🚨 BREAKING: FortiWeb WAFs under ACTIVE zero-day attack Two critical vulns being exploited in the wild: • CVE-2025-58034 • CVE-2025-64446 (auth bypass) CISA says patch in 7 days. Here's what you need to know 👇 https://t.co/W0C6VVFLHa #CyberSecurity #ZeroDa https:/
@nxtgen579255
22 Nov 2025
2 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-58034: Fortinet FortiWeb OS Command Injection https://t.co/3ZfS6jK4MR As a logged in administrator, we can successfully trigger the authenticated command injection vulnerability and execute a netcat reverse shell with root privileges. Affected versions: FortiWeb htt
@HackingTeam777
22 Nov 2025
1852 Impressions
8 Retweets
49 Likes
21 Bookmarks
0 Replies
0 Quotes
🚨 FortiWeb CVE-2025-58034 vulnerability exploited in the wild! Severity: 6.7/10 😱 An OS Command Injection vulnerability in FortiWeb may allow an attacker to execute commands. Stay secure! #Fortinet #Cybersecurity 🔒 https://t.co/MMCrMt9f6D
@JamaalChalid
21 Nov 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet FortiWeb OS Command Injection Vulnerability (CVE-2025-58034). Please see the @ncsc_gov_ie advisory for more information: https://t.co/ocDwHNZuXW
@ncsc_gov_ie
21 Nov 2025
319 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 When your FortiWeb goes from fortress to cringeworthy 🏰💀 CVE-2025-58034 leak vibes, no cap! 🔥⚠️ #LOL https://t.co/XIlie3JWJ8
@TechTrendEcho
21 Nov 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We now have a (draft) @metasploit exploit module for the recent Fortinet FortiWeb vulns, chaining CVE-2025-64446 (auth bypass) + CVE-2025-58034 (command injection) to achieve unauthenticated RCE with root privileges: https://t.co/Xh15JybxsC https://t.co/n7sMp6qCJU
@stephenfewer
21 Nov 2025
12194 Impressions
50 Retweets
209 Likes
69 Bookmarks
2 Replies
1 Quote
Fortinet Warns of New FortiWeb CVE-2025-58034 Vulnerability Exploited in the Wild. The medium-severity vulnerability, tracked as CVE-2025-58034, carries a CVSS score of 6.7 out of a maximum of 10.0. https://t.co/FXUJEnW6Fh https://t.co/ws6MobpG29
@riskigy
21 Nov 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A new report from Censys warns of a critical vulnerability in Fortinet, CVE-2025-58034 🔹 The vulnerability targets Internet-exposed Fortinet devices and allows remote command execution (RCE) on systems
@abdul__alamri
21 Nov 2025
3058 Impressions
2 Retweets
36 Likes
19 Bookmarks
1 Reply
1 Quote
🚨 A new FortiWeb vulnerability, CVE-2025-58034, has emerged just days after the previous Fortinet disclosure and is already being exploited in the wild. While medium in severity, early signals suggest it may be chained with CVE-2025-64446, though no official confirmation has h
@censysio
20 Nov 2025
5409 Impressions
15 Retweets
58 Likes
19 Bookmarks
0 Replies
2 Quotes
Fortinet FortiWeb flaw (CVE-2025-58034) is under active attack—hackers can run code they shouldn't. That opens the door to data theft for SMBs still unpatched. If you use FortiWeb, update or verify coverage now. https://t.co/gP6MdTj3XN #CyberSecurity #ZeroDay
@lowcountrycyber
20 Nov 2025
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Attackers are exploiting the new FortiWeb vulnerability (CVE-2025-58034), which was silently patched. This flaw allows unauthorized code to be executed.
@Cyber_Sonar
20 Nov 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
It appears that hackers are actively exploiting the FortiWeb vulnerability CVE-2025-58034. This vulnerability allows them to execute unauthorized commands. If you use FortiWeb, you should update immediately for protection. Have you
@Cybereayn
20 Nov 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiWeb users, be alert! A serious OS Command Injection flaw (CVE-2025-58034) is being actively exploited. Ensure you're upgraded to the patched versions to stay secure. Have you checked for vulnerabilities lately? #FortiWeb_vulnerability https://t.co/HaXLkrdswP
@CyberDailyPost
20 Nov 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Attackers are actively exploiting a FortiWeb vulnerability (CVE-2025-58034) that Fortinet fixed but did not report. It is important to update systems immediately and check for
@cybereye_ru
20 Nov 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Security vulnerabilities remain serious! CVE-2025-58034, which affects FortiWeb, allows authenticated attackers to run unauthorized code on the system. If you have not updated quickly, you are at risk. How do you assess this situation? #CVE_2025
@Siber_Kalkan_
20 Nov 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 FortiWeb CVE-2025-58034 exploit data is rolling in! If you are a Defused TF subscriber, go pick up the exploit payload asap - no public POC available yet!🍯 👉https://t.co/GXFaqghsXI https://t.co/gOwuvielcS
@DefusedCyber
20 Nov 2025
5742 Impressions
9 Retweets
43 Likes
8 Bookmarks
1 Reply
1 Quote
❌ Fortinet FortiWeb 🔎 CVE-2025-58034 has been patched in FortiWeb. This flaw, which requires authentication to be exploited, is an OS Command Injection. More info👇 - https://t.co/BtlswmdKoG #fortinet #fortiweb #infosec #veilleIT https://t.co/m
@ITConnect_fr
20 Nov 2025
564 Impressions
2 Retweets
6 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Fortinet FortiWeb Security Advisory [—] Nov 20, 2025 Comprehensive analysis of recent vulnerabilities affecting Fortinet FortiWeb Web Application Firewall, including CVE-2025-64446 and CVE-2025-58034. Checkout our Threat Intelligence Platform:... https://t.co/vX12nHWhJj
@transilienceai
20 Nov 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet has confirmed a second 0-day within a week, a new FortiWeb 0-day, CVE-2025-58034. The OS command injection flaw lets authenticated attackers run unauthorized code via crafted HTTP or CLI requests. Source: https://t.co/sWTR5ouLZH #cybernews #threatintel #zeroday #fortinet
@kiwelo_security
20 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
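🔥Criminal IP Cyber News – November 20🔥 🛡️ #Fortinet FortiWeb: new vulnerability that lets even authenticated attackers execute OS commands is being exploited (CVE-2025-58034) https://t.co/e2D6vTxp8T 🌐 #Microsoft Edge: multiple vulnerabilities including a browser zero-day…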
@CriminalIP_KR
20 Nov 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet warns of exploitation of FortiWeb CVE-2025-58034 https://t.co/b8qzUf9dqb #Security #セキュリティー #ニュース
@SecureShield_
20 Nov 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 We have just added detection for the newest exploited-in-the-wild FortiWeb vulnerability (CVE-2025-58034) The FortiWeb decoy intel stream is available for TF subscribers. Track usage of this exploit against FortiWeb honeypots 👉https://t.co/GXFaqggV8a https://t.co/plW9wV
@DefusedCyber
19 Nov 2025
4846 Impressions
11 Retweets
27 Likes
5 Bookmarks
0 Replies
1 Quote
A stealth-patched FortiWeb vulnerability is still being exploited (CVE-2025-58034) Stealth-patched FortiWeb vulnerability under active exploitation (CVE-2025-58034) #HelpNetSecurity (Nov 19) https://t.co/xx0RE0bSD0
@foxbook
19 Nov 2025
82 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Fortinet confirms active exploitation of FortiWeb CVE-2025-58034. Users urged to patch ASAP. Details: https://t.co/p4RmJGF0m5 #CyberSecurity #Fortinet #CVE #threats https://t.co/Al4JAVUv1h
@sctocs25
19 Nov 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We posted our AttackerKB @rapid7 Analysis of the new EITW FortiWeb command injection vuln, CVE-2025-58034. The patch fixes several command injections, so we reproduced the SAML config name injection, and popped a reverse root shell 🎯 Full details here: https://t.co/k6jCxogtIO
@stephenfewer
19 Nov 2025
12726 Impressions
46 Retweets
139 Likes
48 Bookmarks
3 Replies
0 Quotes
🚨 11/19/25 Cybersecurity Alert: Last 24 Hours Three major stories you need to know: ⚡ LG Energy Solution hacked. Akira ransomware claims 1.7 TB of stolen data. 🛡️ Fortinet FortiWeb zero-day actively exploited (CVE-2025-58034). PATCH NOW. 📦 DoorDash breach. Social
@Andy_Thompson
19 Nov 2025
115 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
Following the publication of vulnerability CVE-2025-58034, multiple Fortinet FortiWeb services appeared exposed in recent scans within Mexico, including instances located in CDMX, Guadalajara and Ramos Arizpe. The flaw, a possible OS Command Injection, allow
@tpx_Security
19 Nov 2025
80 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-58034 has been added to the CISA KEV Catalog Vuln: Fortinet FortiWeb OS Command Injection Vulnerability https://t.co/9idGUAHIKd
@DarkWebInformer
19 Nov 2025
3260 Impressions
7 Retweets
21 Likes
6 Bookmarks
0 Replies
0 Quotes
New vulnerability in Fortinet FortiWeb, identified as CVE-2025-58034, allows operating system command injection. FortiWeb is Fortinet's web application firewall https://t.co/si82lmHUBJ https://t.co/kwAgLuPKPA
@elhackernet
19 Nov 2025
3557 Impressions
16 Retweets
45 Likes
8 Bookmarks
0 Replies
0 Quotes
🔴 FortiWeb, #OS Command Injection, #CVE-2025-58034 (Critical) https://t.co/jEHVMMEfun
@dailycve
19 Nov 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical FortiWeb Vulnerability #CVE-2025-58034 Exposed: Active Exploitation Threatens Enterprise Security https://t.co/wUv3250VkW
@UndercodeNews
19 Nov 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerability Alert: FortiWeb CVE-2025-58034 Fortinet has issued a security advisory for CVE-2025-58034, a medium-severity OS command injection vulnerability (CVSS 6.7) affecting multiple versions of FortiWeb. #CVE#Patch#Vulnerability https://t.co/adXYV1sWOD
@CloneSystemsInc
19 Nov 2025
52 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Stealth-patched FortiWeb vulnerability under active exploitation (CVE-2025-58034) https://t.co/mzxqy8cIs4 #HelpNetSecurity #Cybersecurity https://t.co/Yu0VCiqXlW
@PoseidonTPA
19 Nov 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDE13E2A-CEC3-4FC7-98AD-11CA1EAEC0C0",
            "versionEndExcluding": "7.0.12",
            "versionStartIncluding": "7.0.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "551127B2-DCE9-403D-8073-ACD717CD0B19",
            "versionEndExcluding": "7.2.12",
            "versionStartIncluding": "7.2.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F43B659D-6EA7-46F5-9778-0FD0FD036AA9",
            "versionEndExcluding": "7.4.11",
            "versionStartIncluding": "7.4.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E5D27F6-0659-4D98-9585-FD84B433CCB5",
            "versionEndExcluding": "7.6.6",
            "versionStartIncluding": "7.6.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1DD8ABA-9BB5-4ED8-9E34-1CB0752651DF",
            "versionEndExcluding": "8.0.2",
            "versionStartIncluding": "8.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]