VYPR
Unrated severityCISA KEVNVD Advisory· Published Nov 14, 2025· Updated Feb 26, 2026

CVE-2025-64446

CVE-2025-64446

Description

A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Fortinet/Fortiwebv52 versions
    cpe:2.3:a:fortinet:fortiweb:8.0.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortiweb:8.0.1:*:*:*:*:*:*:*range: 8.0.0
    • (no CPE)range: < 8.0.2, < 7.6.5, < 7.4.10, < 7.2.12, < 7.0.12

Patches

Vulnerability mechanics

References

1

News mentions

1