A critical SQL injection vulnerability, tracked as CVE-2025-25257, has been discovered in multiple versions of Fortinet’s FortiWeb Web Application Firewall (WAF), allowing unauthenticated remote attackers to execute unauthorized SQL commands via specially crafted HTTP or HTTPS requests. The vulnerability, classified under CWE-89 (Improper Neutralization of Special Elements used in an SQL Command), arises from the GUI component’s failure to properly validate input data before incorporating it into SQL queries. With a CVSS v3.1 score of high, this flaw is considered critical and poses a high risk to organizations that rely on FortiWeb to secure their web-facing assets.

The vulnerability affects several FortiWeb release branches, including versions 7.6.0–7.6.3, 7.4.0–7.4.7, 7.2.0–7.2.10, and 7.0.0–7.0.10. Attackers can exploit the flaw without any authentication, making it particularly dangerous as it requires no prior access or credentials. Successful exploitation may allow attackers to perform SQL injection, enabling them to read, modify, or delete sensitive data, execute unauthorized code or commands, and potentially gain full system control, putting the confidentiality, integrity, and availability of enterprise environments at serious risk.

To mitigate this threat, Fortinet has released patches for each affected version: upgrade to 7.6.4, 7.4.8, 7.2.11, and 7.0.11, respectively. Organizations are strongly urged to apply these updates immediately. As a temporary workaround, administrators should disable the HTTP/HTTPS administrative interfaces to reduce the attack surface and prevent remote exploitation. Additionally, implementing network segmentation, strict access controls, and continuous threat monitoring can provide a layered defense and help detect exploitation attempts during the patching window.

This vulnerability was responsibly disclosed by a Security Researcher, underscoring the value of coordinated vulnerability reporting in maintaining ecosystem security. Given the severity, unauthenticated exploitability, and widespread use of FortiWeb WAFs, this issue demands immediate attention from affected organizations. Failing to address it could result in data breaches, lateral movement within the network, or service outages, especially in enterprises heavily dependent on Fortinet's web application defense infrastructure.