Fortinet FortiWeb contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.
PoC: CVE-2025-25257
FortiWeb CVE-2025-25257 exploit
PoC: CVE-2025-25257
Public PoC for CVE-2025-25257: FortiWeb pre-auth SQLi to RCE
PoC: CVE-2025-25257
CVE-2025-25257
PoC: Fortinet-FortiWeb-Fabric-Connector-CVE-2025-25257-Detection
This repository provides production-ready detection engineering content for **CVE-2025-25257**, a pre-authentication SQL Injection vulnerability in Fortinet FortiWeb Fabric Connector versions 7.0 through 7.6.x. Successful exploitation can lead to Remote Code Execution without any prior authentication.
PoC: CVE-2025-25257
CVE-2025-25257 PoC for educational use and/or authorised pentesting.
PoC: CVE-2025-25257
🛠️ Exploit CVE-2025-25257 in FortiWeb with a working full exploit and a proof of concept for file read/write.
PoC: CVE-2025-25257
A working (at least for me :] ) exploit for CVE-2025-25257
PoC: CVE-2025-25257
CVE‑2025‑25257 is a critical pre-authentication SQL injection vulnerability affecting Fortinet FortiWeb’s
PoC: CVE-2025-25257
PoC for CVE-2025-25257, a critical unauthenticated SQL injection in FortiWeb. Exploits SQLi via the Authorization header to write a webshell and gain RCE. No login required. Fully automated.
PoC: CVE-2025-25257
Explore the CVE-2025-25257 exploit for FortiWeb. This repo includes a full exploit and a proof of concept for file read/write. 🐱💻🔒
PoC: Blackash-CVE-2025-25257
CVE-2025-25257
PoC: CVE-2025-25257-Exploit-Tool
Tool for detecting and exploiting CVE-2025-25257 in Fortinet FortiWeb.
PoC: CVE-2025-25257
Exploiting the CVE-2025-25257 vulnerability in FortiWeb. This repository demonstrates secure pre-authenticated SQL injection.
PoC: CVE-2025-25257
Unauthenticated SQL Injection in FortiWeb
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free