CVE-2025-59669

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-59669

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-59669.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-59669

Published

2025-11-18T17:16:07.390Z

Modified

2026-03-13T03:39:33.065130Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

A use of hard-coded credentials vulnerability in Fortinet FortiWeb 7.6.0, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow an authenticated attacker with shell access to the device to connect to redis service and access its data

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-843

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-59669.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "7.0.0"
            },
            {
                "fixed": "7.6.1"
            }
        ]
    }
]