Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-59669

A use of hard-coded credentials vulnerability in Fortinet FortiWeb 7.6.0, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow an authenticated attacker with shell access to the device to connect to redis service and access its data

Published

2025-11-18T17:16:07.390

Last Modified

2025-11-20T14:36:53.967

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-798

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	fortinet	fortiweb	< 7.6.1	Yes

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-843 Vendor Advisory ([email protected])