Attackers are actively exploiting another FortiWeb vulnerability (CVE-2025-58034) that Fortinet fixed without making its existence public at the time.

About CVE-2025-58034

CVE-2025-58034 is an OS Command Injection flaw caused by improper neutralization of special elements. It allows authenticated attackers to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands.

“Fortinet has observed this to be exploited in the wild,” the company’s Product Security Incident Response Team confirmed in a security …
The post Stealth-patched FortiWeb vulnerability under active exploitation (CVE-2025-58034) appeared first on Help Net Security.
