Security Advisory

CVE-2025-64447

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-09 17:18:42

Last updated 2026-02-26 16:57:02

Assigner fortinet

State PUBLISHED

Description

A reliance on cookies without validation and integrity checking vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an unauthenticated attacker to execute arbitrary operations on the system via crafted HTTP or HTTPS request via forged cookies, requiring prior knowledge of the FortiWeb serial number.

← Browse all CVEs View on cve.org ↗