Breaking
Alienware Just Announced Its First Budget Gaming Laptop
A Look Back, May 14
Discarded smoker ashes spark Baker Hill Road fire in Northampton
‘It’s a bummer’: Shutesbury residents lament pending post office closure
Amherst school budget proposal draws concerns over staff reductions
Override failure could cost Easthampton schools 40 educators
Northampton council advances JFK school roof repair amid debate over School Committee oversight
Belchertown Select Board race heats up with focus on communication, community
UMass Amherst to install solar panels and heat pump with new funding
‘Rest in Peace’ — Party Animals Review-Bombed Over AI Video Contest
14 May 2026, Thu
Launch Your Site in 5 Minutes
Cyber Security News

FortiWeb Authentication Bypass Vulnerability Exploited – Script to Detect Vulnerable Appliances

By rssfeeds-admin No Comments
FortiWeb Authentication Bypass Vulnerability Exploited – Script to Detect Vulnerable Appliances
Threat actors are actively exploiting a critical authentication bypass vulnerability in Fortinet’s FortiWeb web application firewall (WAF) worldwide, prompting defenders to heighten vigilance.

Researchers at watchTowr Labs have responded by releasing a Detection Artefact Generator script, designed to help organizations scan their environments for vulnerable FortiWeb appliances and mitigate risks swiftly.​

The vulnerability, tracked as CVE-2025-52970, stems from improper parameter handling in FortiWeb, enabling unauthenticated remote attackers to log in as any existing user via crafted requests.

With a CVSS score of 7.7, it requires some non-public knowledge of the device but poses severe risks, including privilege escalation and potential remote code execution on affected systems.

Fortinet patched the flaw in versions 8.0.2 and later, but in-the-wild attacks have surged since a partial proof-of-concept surfaced publicly in August 2025, targeting exposed FortiWeb instances indiscriminately.

Security firms report dozens of compromises, underscoring the urgency for immediate patching amid ongoing exploitation campaigns.​

WatchTowr Labs’ open-source tool, hosted on GitHub at watchTowr-vs-Fortiweb-AuthBypass, simplifies detection by simulating the bypass mechanism. The Python script generates a unique username and password (e.g., “35f36895”) and sends an exploit payload to the target IP, such as python watchTowr-vs-Fortiweb-AuthBypass.py 192.168.1.99.

If successful, it confirms vulnerability by creating a temporary user, alerting administrators to remediate. Authored by Sina Kheirkhah (@SinSinology) and Jake Knott (@inkmoro), the script targets FortiWeb versions below 8.0.2, with specifics available via FortiGuard Labs PSIRT.​

Organizations should prioritize scanning internet-facing appliances, applying patches, and monitoring for anomalous logins. As supply chain attacks evolve, tools like this empower proactive defense in a threat landscape where WAFs ironically become entry points.​

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post FortiWeb Authentication Bypass Vulnerability Exploited – Script to Detect Vulnerable Appliances appeared first on Cyber Security News.

Discover more from RSS Feeds Cloud

Subscribe to get the latest posts sent to your email.

By rssfeeds-admin

Related Posts

Cyber Security News

Langflow Vulnerability Abused In Attacks Targeting AWS Access Keys

rssfeeds-admin
Cyber Security News

Amazon Quick Flaw Exposed Restricted AI Chat Agents to Unauthorized Users

rssfeeds-admin
Cyber Security News

Critical GitLab Flaw Enables XSS and Unauthenticated DoS Attacks

rssfeeds-admin

You Missed

IGN

Alienware Just Announced Its First Budget Gaming Laptop

New Hampshire News

A Look Back, May 14

New Hampshire News

Discarded smoker ashes spark Baker Hill Road fire in Northampton

New Hampshire News

‘It’s a bummer’: Shutesbury residents lament pending post office closure

Discover more from RSS Feeds Cloud

Subscribe now to keep reading and get access to the full archive.

Continue reading