FortiWeb Systems Compromised via Webshells After Public PoC Release

FortiWeb Systems Compromised via Webshells After Public PoC Release A widespread cyberattack campaign has successfully compromised dozens of Fortinet FortiWeb instances throughwebshelldeployment, exploiting a critical vulnerability for which proof-of-concept code became publicly available just days ago. The rapid weaponization of the exploit demonstrates the immediate risks organizations face when security flaws become public knowledge. Critical Vulnerability Details and Impact The attacks center aroundCVE-2025-25257, a critical pre-authenticated SQL injection vulnerability affecting Fortinet’s FortiWeb Web Application Firewall systems. This flaw, with a severe CVSS score of 9.6 out of 10, allows unauthenticated attackers to execute unauthorized code remotely by sending specially crafted HTTP requests to vulnerable systems. The vulnerability resides specifically in the FortiWeb Fabric Connector component, which integrates the WAF with other Fortinet security products. Security research...