A Fortinet FortiWeb path traversal vulnerability is being actively exploited to create new administrative users on exposed devices without requiring authentication. The issue is fixed in FortiWeb ...

A critical Fortinet FortiWeb vulnerability capable of remote code execution has been exploited in the wild. Because the vulnerability is capable of remote code execution in a pre-authentication state ...

Today, Fortinet released security updates to patch a new FortiWeb zero-day vulnerability that threat actors are actively exploiting in attacks. Tracked as CVE-2025-58034, this web application firewall ...

Fortinet has confirmed that another flaw in its FortiWeb web application firewall has been exploited as a zero-day and issued a patch, just days after disclosing a critical bug in the same product ...

The cybersecurity vendor confirmed Friday that the flaw has been ‘exploited in the wild on FortiWeb.’ Fortinet confirmed Friday that a critical-severity vulnerability affecting its web application ...

Fortinet has uncovered a bug in its FortiWeb firewall offering, the second issue to be reported with the product in a month. First reported by The Register, the vulnerability (CVE-2025-58034) could ...

The FortiWeb 4.0 MR2 firmware update adds more protection against remote file inclusion attacks; new file upload restrictions so that new control which file types can be uploaded to Web applications, ...

Researchers say the flaw, affecting thousands of internet-facing FortiWeb instances, was exploited long before Fortinet disclosed or rated its severity. Security researchers are warning about two ...

On Thursday last week, Fortinet released security updates – the most serious vulnerability affects FortiWeb. Attackers can exploit an SQL injection vulnerability in non-updated systems. IT researchers ...

SUNNYVALE, Calif., January 31, 2011 - Fortinet' (NASDAQ: FTNT) - a leading network security provider and the worldwide leader of unified threat management (UTM) solutions – today announced a major ...