CVE-2025-64446CISA KEV: Actively Exploited

Fortinet FortiWeb Path Traversal Vulnerability

Published Nov 14, 2025·Updated Nov 14, 2025

Description

Fortinet FortiWeb contains a relative path traversal vulnerability that may allow an unauthenticated attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.

Public Exploits & PoCs12 found

[POC] GHSA-3mgp-fx93-9xv5 — Vulnerability-CVE-2025-64446-CVE-2025-58034

Lỗ hổng FORTIWEB_CVE-2025-64446 & CVE-2025-58034

PoC: CVE-2025-64446

CVE-2025-64446

PoC: FORTIWEB_CVE-2025-64446-58034

Lỗ hổng CVE-2025-64446 & CVE-2025-58034

PoC: FortiWeb-CVE

PoC-CVE-2025-64446 and CVE-2025-58034

PoC: fortinet-fortiweb-cve-2025-64446-58034

Security research on Fortinet FortiWeb vulnerabilities (CVE-2025-64446, CVE-2025-58034)

PoC: cve-2025-64446-fortiweb-exploit

Security research tool for detecting and testing CVE-2025-64446 (FortiWeb Path Traversal RCE vulnerability)

PoC: CVE-2025-64446

CVE-2025-64446 - FortiWeb Authentication Bypass Exploit

PoC: CVE-2025-64446

CVE-2025-64446 - A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.

PoC: CVE-2025-64446

FortiWeb Unauthenticated RCE via Path Traversal & CGI Auth Bypass

PoC: CVE-2025-64446

A scanner for the FortiNet vulnerability CVE-2025-64446

PoC: Blackash-CVE-2025-64446

CVE-2025-64446

PoC: CVE-2025-64446-PoC---FortiWeb-Path-Traversal

# CVE-2025-64446 PoC - FortiWeb Path Traversal Proof of Concept para la vulnerabilidad de path traversal en Fortinet FortiWeb que permite ejecución remota de comandos. Incluye herramienta de detección para fines educativos. **⚠️ SOLO USO EDUCATIVO - NO PARA EXPLOTACIÓN ⚠️**

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free