CVE-2025-64471
MEDIUMDescription
A use of password hash instead of password for authentication vulnerability [CWE-836] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an unauthenticated attacker to use the hash in place of the password to authenticate via crafted HTTP/HTTPS requests
Is your site exposed to CVE-2025-64471?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| fortinet | fortiweb |
| fortinet | fortiweb |
| fortinet | fortiweb |
| fortinet | fortiweb |
| fortinet | fortiweb |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-64471? +
How severe is CVE-2025-64471? +
What products are affected by CVE-2025-64471? +
How do I check if I'm vulnerable to CVE-2025-64471? +
Related Vulnerabilities
Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior only require the password hash when authenticating with backend services from …
ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in the context of other …
E3 Site Supervisor Control (firmware version < 2.31F01) application services (MGW and RCI) uses client side hashing for authentication. An …
OpenProject is open-source, web-based project management software. Prior to 17.4.0, the GET /api/v3/relations endpoint allows any authenticated user to retrieve …
The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and …
An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet allows attacker to …