VDB
GCVE-110-NCSC-2025-372
GCVE-110-NCSC-2025-372
Advisory PublishedCVSS 7.2/10
Fortinet FortiWeb versions 8.0.0 to 8.0.1, 7.6.0 to 7.6.5, 7.4.0 to 7.4.10, 7.2.0 to 7.2.11, and 7.0.0 to 7.0.11 are vulnerable to OS Command Injection, allowing authenticated attackers to execute unauthorized code.
Weaknesses (CWE)
CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Risk Scores
CVSS 3.1
7.2/10
High · CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Fortinet | vers:unknown/* | — | — |
Aliases
Browse GCVE Records
71,925 records in the GCVE database · Updated July 13, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.