Exploitation Summary
CVE-2025-25257 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added July 18, 2025. EIP tracks 14 public exploits from researchers including Milad Karimi (Ex3ptionaL), watchtowrlabs, and 0xbigshaq. A Nuclei detection template is also available.
AI-analyzed exploit summary: The exploit demonstrates a pre-authentication SQL injection vulnerability in Fortinet FortiWeb Fabric Connector 7.6.x via a crafted Authorization header, potentially leading to RCE. The PoC includes both a curl command and a Python script to test the vulnerability.
Description
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.7, FortiWeb 7.2.0 through 7.2.10, and FortiWeb 7.0.0 through 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPS requests.
Exploits (14)
The exploit demonstrates a pre-authentication SQL injection vulnerability in Fortinet FortiWeb Fabric Connector 7.6.x via a crafted Authorization header, potentially leading to RCE. The PoC includes both a curl command and a Python script to test the vulnerability.
This PoC exploits an unauthenticated SQL injection in FortiWeb to achieve remote code execution by spraying hex-encoded payload chunks into the database and writing a malicious file to trigger a reverse shell.
This repository contains a working exploit for CVE-2025-25257, targeting FortiWeb's SQL injection vulnerability in the `/api/fabric/device/status` endpoint. The exploit achieves RCE by uploading a webshell via SQLi and leveraging file write primitives.
This is a functional exploit for CVE-2025-25257, targeting an unauthenticated SQL injection in FortiWeb's API endpoint, which is then leveraged to achieve remote code execution via webshell deployment and .pth file manipulation.
This repository contains a functional exploit for CVE-2025-25257, a pre-authentication SQL injection vulnerability in Fortinet FortiWeb. The exploit chains SQLi to achieve remote code execution by writing a webshell and executing commands via the User-Agent header.
This repository contains a functional PoC for CVE-2025-25257, demonstrating a pre-authentication SQL Injection vulnerability in Fortinet FortiWeb Fabric Connector. The exploit targets the `/api/fabric/device/status` endpoint via a crafted `Authorization: Bearer` header.
This is a functional exploit for CVE-2025-25257, targeting FortiWeb's `/api/fabric/device/status` endpoint via SQL injection in the Authorization header. It writes a webshell to the server and achieves remote code execution by leveraging SQL `INTO OUTFILE` and a Python chmod gadget.
This repository contains a Python-based exploit for CVE-2025-25257, targeting FortiWeb devices. The exploit leverages SQL injection via the Authorization header to upload a webshell and achieve remote code execution.
This repository provides a detailed technical analysis of CVE-2025-25257, a critical SQL injection vulnerability in Fortinet FortiWeb's Fabric Connector component. It includes impact assessment, mitigation steps, and references but lacks actual exploit code.
This repository provides comprehensive detection engineering content for CVE-2025-25257, a pre-authentication SQL Injection vulnerability in Fortinet FortiWeb Fabric Connector. It includes detailed technical analysis, detection rules (YARA, KQL, Sigma), and testing instructions for defensive use.
This repository contains a functional proof-of-concept for CVE-2025-25257, demonstrating a SQL injection vulnerability in a simulated FortiWeb environment. The exploit leverages an unauthenticated endpoint with direct SQL concatenation via the Authorization header.
This PowerShell script tests for CVE-2025-25257, an unauthenticated SQL injection vulnerability in Fortinet FortiWeb's `/api/fabric/device/status` endpoint. It sends a HEAD request to check endpoint accessibility, followed by a GET request with a SQLi payload in the Authorization header.
This repository contains a Python-based exploit for CVE-2025-25257, which chains SQL injection to achieve remote code execution (RCE) on FortiWeb. The exploit writes a reverse shell payload to a .pth file and triggers its execution via a vulnerable API endpoint.
This repository contains a Python-based exploit for CVE-2025-25257, a pre-authentication SQL injection vulnerability in Fortinet FortiWeb that can be escalated to remote code execution (RCE). The exploit includes version detection, SQL injection payloads, and a persistent webshell upload mechanism.
Nuclei Templates (1)
ssl:"cn=fortiweb" || title:"FortiWeb - "
References (5)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H