EXECUTIVE SUMMARY:
CVE-2025-58034 is an OS command injection vulnerability in Fortinet’s FortiWeb Web Application Firewall that allows an authenticated attacker to execute arbitrary system-level commands through specially crafted HTTP requests or CLI inputs. It affects FortiWeb versions 8.0.0–8.0.1, 7.6.0–7.6.5, 7.4.0–7.4.10, 7.2.0–7.2.11, and 7.0.0–7.0.11. The vulnerability is classified as CWE-78 (Improper Neutralization of Special Elements in OS Commands), a weakness class that can lead to deep system compromise. It carries a CVSS v3.1 score of 7.2 (high severity), indicating potential for significant operational damage. Because exploitation requires authentication, attackers may rely on weak credentials or shared administrative access paths to reach the vulnerable code. Successful exploitation can lead to complete administrative control of the appliance, persistent backdoor deployment, traffic manipulation, and possible lateral movement beyond the FortiWeb appliance.
RECOMMENDATION:
We strongly recommend updating FortiWeb to the fixed release for your branch: version 8.0.2, 7.6.6, 7.4.11, 7.2.12, or 7.0.12 or later.
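The affected ranges and fixed releases above can be checked mechanically against an appliance inventory, which is usually the first step in scoping patching work. The following Python script is an added example (not Fortinet's tooling and not part of this advisory): the version ranges and fixed releases are taken from the advisory text, while the inventory lines it processes are constructed for illustration.

```python
# Added example: classify FortiWeb version strings against the affected
# ranges and fixed releases stated in the advisory for CVE-2025-58034.
# The AFFECTED_RANGES table mirrors the advisory; the inventory below is
# a constructed sample, not real asset data.
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]

# (first affected, last affected, first fixed) per release branch, from the advisory.
AFFECTED_RANGES: List[Tuple[Version, Version, Version]] = [
    ((8, 0, 0), (8, 0, 1), (8, 0, 2)),
    ((7, 6, 0), (7, 6, 5), (7, 6, 6)),
    ((7, 4, 0), (7, 4, 10), (7, 4, 11)),
    ((7, 2, 0), (7, 2, 11), (7, 2, 12)),
    ((7, 0, 0), (7, 0, 11), (7, 0, 12)),
]


def parse_version(text: str) -> Version:
    """Parse 'major.minor.patch' (e.g. '7.4.10') into an integer tuple.

    Integer tuples compare numerically, so 7.4.10 sorts after 7.4.9;
    comparing the raw strings would get that wrong.
    """
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def fmt(v: Version) -> str:
    return ".".join(str(n) for n in v)


def assess(text: str) -> Dict[str, Optional[str]]:
    """Return affected / fixed / not_listed for one version string.

    'not_listed' covers branches the advisory does not mention; it is
    not a statement that such a version is safe.
    """
    v = parse_version(text)
    for first, last, fixed in AFFECTED_RANGES:
        if v[:2] != first[:2]:  # different release branch (major.minor)
            continue
        if first <= v <= last:
            return {"version": text, "status": "affected", "upgrade_to": fmt(fixed)}
        if v >= fixed:
            return {"version": text, "status": "fixed", "upgrade_to": None}
    return {"version": text, "status": "not_listed", "upgrade_to": None}


def triage_inventory(lines: List[str]) -> Dict[str, List[str]]:
    """Group hostnames by status from lines of the form '<hostname> <version>'.

    Malformed lines land in 'unparsed' so they are reviewed rather than
    silently dropped from the patch list.
    """
    groups: Dict[str, List[str]] = {"affected": [], "fixed": [], "not_listed": [], "unparsed": []}
    for line in lines:
        fields = line.split()
        if len(fields) != 2:
            groups["unparsed"].append(line)
            continue
        host, version = fields
        try:
            result = assess(version)
        except ValueError:
            groups["unparsed"].append(line)
            continue
        entry = host if result["upgrade_to"] is None else f"{host} -> {result['upgrade_to']}"
        groups[result["status"]].append(entry)
    return groups


# Constructed sample inventory (hostnames and versions are illustrative only).
SAMPLE_INVENTORY = [
    "fw-edge-01 7.4.10",
    "fw-edge-02 7.4.11",
    "fw-dmz-01 8.0.1",
    "fw-lab-01 6.4.3",
    "fw-broken-line",
]

if __name__ == "__main__":
    for status, hosts in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{status}: {hosts}")
```

The `upgrade_to` field names the first fixed release on the same branch, so the output can be handed directly to whoever schedules the upgrades; hosts on branches the advisory does not list are reported separately rather than treated as fixed.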
REFERENCES:
The following reports contain further technical details: