CVE-2025-27759 Information

Description

An improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerability [CWE-78] in Fortinet FortiWeb version 7.6.0 through 7.6.3 7.4.0 through 7.4.7 7.2.0 through 7.2.10 and before 7.0.10 allows an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI commands

Reference

https://fortiguard.fortinet.com/psirt/FG-IR-25-150

Related CNNVD

CNNVD-202508-1259 (Published: 2025-08-12)