Collecting Cyber-News from over 60 sources

Metasploit Releases New Exploit for Fresh FortiWeb 0-Day Vulnerabilities

Nov 22, 2025 5:49 PM

Tags: authentication, cve, cyber, exploit, firewall, flaw, fortinet, injection, remote-code-execution, vulnerability, waf, zero-day

Rapid7’s Metasploit team has released a new exploit module targeting critical zero-day vulnerabilities in Fortinet’s FortiWeb web application firewall, chaining two security flaws to achieve unauthenticated remote code execution with root privileges.”‹ CVE ID Vulnerability Type Affected Product Impact CVE-2025-64446 Authentication Bypass Fortinet FortiWeb Administrative account creation, privilege escalation CVE-2025-58034 Command Injection Fortinet FortiWeb Remote […] The post Metasploit Releases New Exploit for Fresh FortiWeb 0-Day Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

First seen on gbhackers.com

Jump to article: gbhackers.com/metasploit-releases-new-exploit-for-fresh-fortiweb-0-day/

Metasploit Releases New Exploit for Fresh FortiWeb 0-Day Vulnerabilities

also interesting: