Table of Contents
Additional Resources:
In this week’s Security Advisory
- Fortinet Patches New FortiWeb Vulnerability Exploited in Attacks
- SolarWinds Patches Multiple Vulnerabilities
- Citrix Patches NetScaler ADC and NetScaler Gateway XSS Vulnerability
- ASUS Patches Critical Auth Bypass Vulnerability
Fortinet Patches New FortiWeb Vulnerability Exploited in Attacks
Fortinet has released security updates to patch a new FortiWeb vulnerability that has been exploited in the wild. The vulnerability, tracked as CVE-2025-58034 (CVSS 6.7/10), allows an authenticated user to execute code by exploiting an OS command injection vulnerability that doesn’t require user interaction. CyberMaxx strongly advises admins to upgrade their FortiWeb devices to the latest available version.
Of note, CyberMaxx has already taken steps to globally mitigate our equipment against these vulnerabilities.
Affected Versions
- FortiWeb 8.0.0 through 8.0.1.
- FortiWeb 7.6.0 through 7.6.5.
- FortiWeb 7.4.0 through 7.4.10.
- FortiWeb 7.2.0 through 7.2.11.
- FortiWeb 7.0.0 through 7.0.11.
Recommendations
- Upgrade to 8.0.2 or above.
- Upgrade to 7.6.6 or above.
- Upgrade to 7.4.11 or above.
- Upgrade to 7.2.12 or above.
- Upgrade to 7.0.12 or above.
More Reading / Information
- https://thehackernews.com/2025/11/fortinet-warns-of-new-fortiweb-cve-2025.html
- https://www.bleepingcomputer.com/news/security/fortinet-warns-of-new-fortiweb-zero-day-exploited-in-attacks/
- https://www.helpnetsecurity.com/2025/11/19/fortiweb-vulnerability-cve-2025-58034/
SolarWinds Patches Multiple Vulnerabilities
SolarWinds has released patches for five new vulnerabilities, including three critical-severity vulnerabilities. The three critical severity vulnerabilities affect the Serv-U application; they are CVE-2025-40547, CVE-2025-40548, and CVE-2025-40549 (All CVSS 9.1/10). These vulnerabilities can allow a threat actor to execute code once they obtain admin privileges. The remaining two vulnerabilities, CVE-2025-40545(CVSS 4.8/10) and CVE-2025-26391 (CVSS 5.4/10), can be exploited as an authenticated user with minimal permissions to manipulate URLs and redirect users to malicious websites.
Affected Versions
- SolarWinds Serv-U 15.5.2.2.102.
- SolarWinds Observability Self-Hosted 2025.4 and prior versions.
Recommendations
- Upgrade to SolarWinds Serv-U 15.5.3.
- Upgrade to SolarWinds Observability Self-Hosted 2025.4 SR1.
More Reading / Information
- https://www.solarwinds.com/trust-center/security-advisories
- https://nvd.nist.gov/vuln/detail/CVE-2025-40547
Citrix Patches NetScaler ADC and NetScaler Gateway XSS Vulnerability
NetScaler has patched a new cross-site scripting vulnerability, CVE-2025-12101 (CVSS 5.9/10), in its ADC and Gateway products. This also affects the Secure Private Access on-prem or Secure Private Access Hybrid deployments using NetScaler instances. This vulnerability is only applicable to customer-managed NetScaler ADC and NetScaler Gateway.
Affected Versions
- NetScaler ADC and NetScaler Gateway 14.1 BEFORE 14.1-56.73.
- NetScaler ADC and NetScaler Gateway 13.1 BEFORE 13.1-60.32.
- NetScaler ADC 13.1-FIPS and NDcPP BEFORE 13.1-37.250-FIPS and NDcPP.
- NetScaler ADC 12.1-FIPS and NDcPP BEFORE 12.1-55.333-FIPS and NDcPP.
Recommendations
- Apply the latest patches.
More Reading / Information
- https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX695486&articleURL=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_12101
- https://www.cve.org/CVERecord?id=CVE-2025-12101
ASUS Patches Critical Auth Bypass Vulnerability
ASUS has released a patch for a vulnerability affecting three of its DSL router models. The vulnerability, CVE-2025-59367 (CVSS 9.3/10), allows a remote, unauthenticated attacker to access the device without interacting with another user. Currently, there are no reports of this being exploited in the wild. ASUS also provided some mitigation strategies if you cannot immediately update the firmware.
Affected Versions
- DSL-AC51, DSL-N16, and DSL-AC750 routers running on firmware before 1.1.2.3_1010.
Recommendations
- Download and install the latest firmware version 1.1.2.3_1010.
More Reading / Information
- https://www.asus.com/security-advisory
- https://www.bleepingcomputer.com/news/security/asus-warns-of-critical-auth-bypass-flaw-in-dsl-series-routers/
Recommendations
Please review your environment to ensure the above-mentioned issues are patched in a timely manner. It is security best practice to regularly update and/or patch software to the latest versions. The vulnerabilities above highlight the security benefits of limiting deployed software to “vendor-supported versions” only. This dramatically increases the likelihood that new vulnerabilities have a patch issued for them. Likewise, CyberMaxx strongly encourages maintaining an inventory of current software in your environment, which helps ensure and inform your patch and vulnerability management program
