CVE-2025-66178

A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.11, FortiWeb 7.2.0 through 7.2.12, FortiWeb 7.0.0 through 7.0.12 may allow an authenticated attacked to execute arbitrary commands via a specialy crafted HTTP request.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://fortiguard.fortinet.com/psirt/FG-IR-26-088	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:fortinet:fortiweb::::::::
	cpe:2.3:a:fortinet:fortiweb::::::::
	cpe:2.3:a:fortinet:fortiweb::::::::
	cpe:2.3:a:fortinet:fortiweb::::::::
	cpe:2.3:a:fortinet:fortiweb::::::::

History

No history.

Information

Published : 2026-03-10 18:17

Updated : 2026-03-12 20:26

NVD link : CVE-2025-66178

Mitre link : CVE-2025-66178

CVE.ORG link : CVE-2025-66178

JSON object : View

Products Affected

fortinet

fortiweb

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2025-66178", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@fortinet.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2026-03-10T18:17:59.413", "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-088", "tags": ["Vendor Advisory"], "source": "psirt@fortinet.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@fortinet.com", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.11, FortiWeb 7.2.0 through 7.2.12, FortiWeb 7.0.0 through 7.0.12 may allow an authenticated attacked to execute arbitrary commands via a specialy crafted HTTP request."}, {"lang": "es", "value": "Una vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando del sistema operativo ('inyecci\u00f3n de comandos del sistema operativo') en Fortinet FortiWeb 8.0.0 hasta 8.0.1, FortiWeb 7.6.0 hasta 7.6.5, FortiWeb 7.4.0 hasta 7.4.11, FortiWeb 7.2.0 hasta 7.2.12, FortiWeb 7.0.0 hasta 7.0.12 puede permitir a un atacante autenticado ejecutar comandos arbitrarios mediante una solicitud HTTP especialmente dise\u00f1ada."}], "lastModified": "2026-03-12T20:26:06.023", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AF7BC02-1316-4CD9-B82E-0A99DA91925A", "versionEndExcluding": "7.0.13", "versionStartIncluding": "7.0.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B9458FC-3403-4125-A4A9-C15E1A4AFD29", "versionEndExcluding": "7.2.13", "versionStartIncluding": "7.2.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00447564-4A90-4194-85FF-A8C047796A5F", "versionEndExcluding": "7.4.12", "versionStartIncluding": "7.4.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15C9CDE3-FE6F-4946-A3DC-FDD7A5F99D65", "versionEndExcluding": "7.6.7", "versionStartIncluding": "7.6.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C82F9CC0-7683-4CDE-8370-153400605B55", "versionEndExcluding": "8.0.3", "versionStartIncluding": "8.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}