Bleeping Computer

Fortinet warns of new FortiWeb zero-day exploited in attacks

Today, Fortinet released security updates to patch a new FortiWeb zero-day vulnerability that threat actors are actively exploiting in attacks. Tracked as CVE-2025-58034, this web application firewall ...
CRN

CISA Urges Quick Fortinet Patches Amid Exploitation Of New FortiWeb Vulnerability

The U.S. cybersecurity agency issued an advisory giving government agencies just a week to remediate the issue that Fortinet says has been exploited in attacks. The U.S. Cybersecurity and ...
Dark Reading

Critical Fortinet FortiWeb WAF Bug Exploited in the Wild

A critical Fortinet FortiWeb vulnerability capable of remote code execution has been exploited in the wild. Because the vulnerability is capable of remote code execution in a pre-authentication state ...
Bleeping Computer

Fortinet FortiWeb flaw with public PoC exploited to create admin users

A Fortinet FortiWeb path traversal vulnerability is being actively exploited to create new administrative users on exposed devices without requiring authentication. The issue is fixed in FortiWeb ...
CRN

Fortinet: ’Critical’ FortiWeb Vulnerability Exploited In Attacks

The cybersecurity vendor confirmed Friday that the flaw has been ‘exploited in the wild on FortiWeb.’ Fortinet confirmed Friday that a critical-severity vulnerability affecting its web application ...
CSOonline

Fortinet’s silent patch sparks alarm as a critical FortiWeb flaw is exploited in the wild

Researchers say the flaw, affecting thousands of internet-facing FortiWeb instances, was exploited long before Fortinet disclosed or rated its severity. Security researchers are warning about two ...
heise online

Many Fortinet Security Updates, Renewed Attacks on FortiWeb

Attackers have repeatedly targeted Fortinet's Web Application Firewall (WAF) FortiWeb. There is now a security patch. However, other products from the network security appliance vendor are still ...