Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2025-64446

Fortinet | FortiWebAdded 2025-11-14Remediation Deadline 2025-11-21

Fortinet FortiWeb Path Traversal Vulnerability

Fortinet FortiWeb contains a relative path traversal vulnerability that may allow an unauthenticated attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.

Required Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weakness Classification

CWE-23

References