Severity
Medium
Analysis Summary
CVE-2025-64153 CVSS:7.2
Fortinet FortiExtender may allow an authenticated attacker to execute unauthorized code or commands via a specific HTTP request, caused by an OS command injection vulnerability.
CVE-2025-57823 CVSS:2.7
Fortinet FortiAuthenticator may allow an authenticated attacker with at least sponsor permissions to read and download device logs via accessing specific endpoints, caused by a direct request vulnerability.
CVE-2025-64471 CVSS:4.9
Fortinet FortiWeb may allow an attacker to use the password hash in place of the password to authenticate using specially crafted HTTP/HTTPS requests, caused by a vulnerability in which the password hash is accepted instead of the password for authentication.
CVE-2025-60024 CVSS:8.8
Fortinet FortiVoice may allow a privileged authenticated attacker to write arbitrary files via specifically crafted HTTP or HTTPS commands, caused by a directory traversal vulnerability.
CVE-2025-64447 CVSS:7.1
A reliance on cookies without validation and integrity checking vulnerability in Fortinet FortiWeb may allow an unauthenticated attacker to execute arbitrary operations on the system via crafted HTTP or HTTPS requests carrying forged cookies, requiring prior knowledge of the FortiWeb serial number.
Impact
- Gain Access
- Security Bypass
- Information Disclosure
Indicators of Compromise
CVE
CVE-2025-64153
CVE-2025-57823
CVE-2025-64471
CVE-2025-60024
CVE-2025-64447
Affected Vendors
- Fortinet
Affected Products
- Fortinet FortiWeb 8.0.0
- Fortinet FortiVoice 7.2.0
- Fortinet FortiAuthenticator 6.6.0
- Fortinet FortiExtender 7.6.0
- Fortinet FortiWeb 8.0.0 - 8.0.1
- Fortinet FortiWeb 7.6.0 - 7.6.5
- Fortinet FortiWeb 7.4.0 - 7.4.10
- Fortinet FortiWeb 7.2.0 - 7.2.11
- Fortinet FortiWeb 7.0.0 - 7.0.11
Remediation
Refer to the Fortinet Security Advisory for patch, upgrade, or suggested workaround information.