CVE-2025-58692 | Fortinet FortiVoice up to 7.2.2 HTTP sql injection (FG-IR-25-666)

November 18, 2025 Yanac

A vulnerability was found in Fortinet FortiVoice up to 7.2.2. It has been declared as critical. This issue affects some unknown processing of the component HTTP Handler. Executing manipulation can lead to sql injection.

This vulnerability is tracked as CVE-2025-58692. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More

CVE-2025-59669 | Fortinet FortiWeb up to 7.0.12/7.2.12/7.4.11/7.6.0 hard-coded credentials (FG-IR-25-843)
CVE-2025-58034 | Fortinet FortiWeb up to 7.0.11/7.2.11/7.4.8/7.6.4 HTTP/CLI os command injection (FG-IR-25-513)