You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-64446
About this tag
CVE-2025-64446 is a critical vulnerability affecting Fortinet FortiWeb web application firewalls. It combines a relative path traversal and authentication bypass flaw in the web GUI component. CISA has added this vulnerability to its Known Exploited Vulnerabilities catalog due to evidence of active exploitation in the wild. Federal agencies are required to patch or mitigate affected appliances within one week. Discussions on WindowsForum cover the technical details of the flaw, the urgency of remediation, and guidance for securing FortiWeb deployments against potential attacks.
CISA has added a critical Fortinet FortiWeb vulnerability — tracked as CVE-2025-64446 — to its Known Exploited Vulnerabilities (KEV) catalog after evidence of active, in‑the‑wild exploitation, and federal agencies have been given a condensed remediation window of one week to patch or mitigate...