Bleeping Computer

Fortinet warns of new FortiWeb zero-day exploited in attacks

Today, Fortinet released security updates to patch a new FortiWeb zero-day vulnerability that threat actors are actively exploiting in attacks. Tracked as CVE-2025-58034, this web application firewall ...
Bleeping Computer

Fortinet fixes critical vulnerabilities in SSL VPN and web firewall

Fortinet has fixed multiple severe vulnerabilities impacting its products. The vulnerabilities range from Remote Code Execution (RCE) to SQL Injection, to Denial of Service (DoS) and impact the ...
CRN

Fortinet: ’Critical’ FortiWeb Vulnerability Exploited In Attacks

The cybersecurity vendor confirmed Friday that the flaw has been ‘exploited in the wild on FortiWeb.’ Fortinet confirmed Friday that a critical-severity vulnerability affecting its web application ...
CRN

Fortinet Gives FortiWeb Web App Firewalls, PCI A Jolt With New Firmware

The FortiWeb 4.0 MR2 firmware update adds more protection against remote file inclusion attacks; new file upload restrictions so that new control which file types can be uploaded to Web applications, ...
Dark Reading

Zero-Day Flaw Found in Fortinet's FortiWeb WAF Technology

Researchers at Rapid7 today disclosed a critical zero-day vulnerability in Fortinet's FortiWeb Web application firewall (WAF) technology that attackers can exploit to gain complete control of affected ...
CSOonline

Fortinet’s silent patch sparks alarm as a critical FortiWeb flaw is exploited in the wild

Researchers say the flaw, affecting thousands of internet-facing FortiWeb instances, was exploited long before Fortinet disclosed or rated its severity. Security researchers are warning about two ...
Dark Reading

Fortinet Enhances FortiWeb Web Application Firewall Family

SUNNYVALE, Calif., January 31, 2011 - Fortinet' (NASDAQ: FTNT) - a leading network security provider and the worldwide leader of unified threat management (UTM) solutions – today announced a major ...