| # | POC Description | Source Link |
|---|---|---|
| 1 | None | https://github.com/watchtowrlabs/watchTowr-vs-FortiWeb-CVE-2025-25257 |
| 2 | FortiWeb CVE-2025-25257 exploit | https://github.com/0xbigshaq/CVE-2025-25257 |
| 3 | Tool for detecting and exploiting CVE-2025-25257 in Fortinet FortiWeb. | https://github.com/adilburaksen/CVE-2025-25257-Exploit-Tool |
| 4 | None | https://github.com/imbas007/CVE-2025-25257 |
| 5 | CVE-2025-25257 | https://github.com/B1ack4sh/Blackash-CVE-2025-25257 |
| 6 | PoC for CVE-2025-25257, a critical unauthenticated SQL injection in FortiWeb. Exploits SQLi via the Authorization header to write a webshell and gain RCE. No login required. Fully automated. | https://github.com/0xgh057r3c0n/CVE-2025-25257 |
| 7 | Exploiting the CVE-2025-25257 vulnerability in FortiWeb. This repository demonstrates secure pre-authenticated SQL injection. | https://github.com/aitorfirm/CVE-2025-25257 |
| 8 | CVE‑2025‑25257 is a critical pre-authentication SQL injection vulnerability affecting Fortinet FortiWeb’s | https://github.com/mrmtwoj/CVE-2025-25257 |
| 9 | Public PoC for CVE-2025-25257: FortiWeb pre-auth SQLi to RCE | https://github.com/TheStingR/CVE-2025-25257 |
| 10 | An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in FortiWeb may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPS requests. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-25257.yaml |
| 11 | A working (at least for me :] ) exploit for CVE-2025-25257 | https://github.com/segfault-it/CVE-2025-25257 |
| 12 | 🛠️ Exploit CVE-2025-25257 in FortiWeb with a working full exploit and a proof of concept for file read/write. | https://github.com/kityzed2003/CVE-2025-25257 |
| 13 | PoC for CVE-2025-25257, a critical unauthenticated SQL injection in FortiWeb. Exploits SQLi via the Authorization header to write a webshell and gain RCE. No login required. Fully automated. | https://github.com/zr1p3r/CVE-2025-25257 |
| 14 | None | https://github.com/silentexploitexe/CVE-2025-25257 |
| 15 | CVE-2025-25257 PoC for educational use and/or authorised pentesting. | https://github.com/mr-r3b00t/CVE-2025-25257 |
| 16 | CVE-2025-25257 | https://github.com/Ashwesker/Blackash-CVE-2025-25257 |
| 17 | None | https://github.com/lytianahkone-boop/cve-2025-25257 |
| 18 | CVE-2025-25257 | https://github.com/Ashwesker/Ashwesker-CVE-2025-25257 |