CVE-2025-25257 PoC — Fortinet FortiWeb SQL注入漏洞

Source

https://github.com/adilburaksen/CVE-2025-25257-Exploit-Tool

Associated Vulnerability

Title:Fortinet FortiWeb SQL注入漏洞 (CVE-2025-25257)
Description:An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.7, FortiWeb 7.2.0 through 7.2.10, FortiWeb 7.0.0 through 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.

Description

Tool for detecting and exploiting CVE-2025-25257 in Fortinet FortiWeb.

Readme

# CVE-2025-25257 Exploit Tool

Credits
```
Based on watchTowr Labs, 0xbigshaq, and pwner.gg analyses.
````

Warnings
````
For educational purposes only. Use on authorized systems. Modifies database/filesystem.
````
Enhanced Python tool for detecting and exploiting CVE-2025-25257 (Pre-Auth SQLi to RCE in Fortinet FortiWeb).

## Features
- Vulnerability detection with version checking.
- Persistent webshell upload via SQL injection.
- Payload splitting and hex encoding for length limits.
- Chmod gadget with cleanup.
- CGI trigger for RCE.

## Usage
```bash
python exploit.py --host target.com --https --exploit
--host: Target host.
--https: Use HTTPS.
--exploit: Perform exploit if vulnerable.

Installation
pip install -r requirements.txt

File Snapshot


 [4.0K]  /data/pocs/97cf1723be8eff971506beff93dd319fdc04637d
├── [6.7K]  exploit.py
├── [1.0K]  LICENSE
└── [ 744]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!