来自MSN

FortiWeb重大漏洞已出现滥用活动

研究人员警告,Fortinet网页应用防火墙FortiWeb SQL指令注入漏洞CVE-2025-25257已经有滥用活动,可能也包含恶意攻击。 ShadowServer基金会研究人员观察到,7月9日公布的CVE-2025-25257在7月11日已经出现webshell程序滥用FortiWeb执行实例的活动,7月14日有85例(端点),7月15日有 ...
Bleeping Computer

New Fortinet FortiWeb hacks likely linked to public RCE exploits

Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as ...
Bleeping Computer

Researcher to release exploit for full auth bypass on FortiWeb

A security researcher has released a partial proof of concept exploit for a vulnerability in the FortiWeb web application firewall that allows a remote attacker to bypass authentication. The flaw was ...