A Fortinet FortiWeb path traversal vulnerability is being actively exploited to create new administrative users on exposed devices without requiring authentication. The issue is fixed in FortiWeb ...

Today, Fortinet released security updates to patch a new FortiWeb zero-day vulnerability that threat actors are actively exploiting in attacks. Tracked as CVE-2025-58034, this web application firewall ...

A critical Fortinet FortiWeb vulnerability capable of remote code execution has been exploited in the wild. Because the vulnerability is capable of remote code execution in a pre-authentication state ...

The U.S. cybersecurity agency issued an advisory giving government agencies just a week to remediate the issue that Fortinet says has been exploited in attacks. The U.S. Cybersecurity and ...

Fortinet has confirmed that another flaw in its FortiWeb web application firewall has been exploited as a zero-day and issued a patch, just days after disclosing a critical bug in the same product ...

The cybersecurity vendor confirmed Friday that the flaw has been ‘exploited in the wild on FortiWeb.’ Fortinet confirmed Friday that a critical-severity vulnerability affecting its web application ...

Researchers at Rapid7 today disclosed a critical zero-day vulnerability in Fortinet's FortiWeb Web application firewall (WAF) technology that attackers can exploit to gain complete control of affected ...

Fortinet has uncovered a bug in its FortiWeb firewall offering, the second issue to be reported with the product in a month. First reported by The Register, the vulnerability (CVE-2025-58034) could ...

Fortinet has upgraded its FortiWeb web application firewall with extra security features. FortiWeb appliances combine web traffic acceleration, load balancing and filtering in one box. The new 4.0 MR2 ...

On Thursday last week, Fortinet released security updates – the most serious vulnerability affects FortiWeb. Attackers can exploit an SQL injection vulnerability in non-updated systems. IT researchers ...