Fortinet FortiAnalyzer and FortiManager: Unauthorized Code Execution via API
CVE-2025-61848
Summary
Certain versions of Fortinet's FortiAnalyzer and FortiManager, including the Cloud editions, contain a SQL injection flaw (CWE-89) reachable through the JSON RPC API. An attacker who already holds a privileged, authenticated account can use it to execute unauthorized code or commands on the appliance. The bug scores 7.2 even though it needs high privileges because a successful exploit hands over a management-plane system that administers other Fortinet devices. Fortinet recommends updating to a fixed version; until then, limit which accounts hold privileged roles and which networks can reach the management and API interface.
Original title
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer...
Original description
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Cloud 7.4.0 through 7.4.8, FortiAnalyzer Cloud 7.2 all versions, FortiAnalyzer Cloud 7.0 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager Cloud 7.6.0 through 7.6.4, FortiManager Cloud 7.4.0 through 7.4.8, FortiManager Cloud 7.2 all versions, FortiManager Cloud 7.0 all versions may allow a privileged authenticated attacker to execute unauthorized code or commands via JSON RPC API
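The description above lists sixteen affected ranges across four products, and reading them by eye is error-prone ("7.4.0 through 7.4.8" is inclusive, "7.2 all versions" has no fixed release in that branch). The following script, added here as an illustration and not a Fortinet tool or code from this page, parses that exact text and reports which range, if any, a given build falls into. The product names and version text are copied from the description; the inventory at the bottom is constructed sample input.

```python
"""Check a FortiAnalyzer / FortiManager build against the affected ranges
in the CVE-2025-61848 description. Illustrative script, not a Fortinet tool."""
import re
from typing import Dict, List, Optional, Tuple

# Affected-product text copied verbatim from the CVE description on this page.
DESCRIPTION = (
    "Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, "
    "FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, "
    "FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Cloud 7.4.0 through 7.4.8, "
    "FortiAnalyzer Cloud 7.2 all versions, FortiAnalyzer Cloud 7.0 all versions, "
    "FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8, "
    "FortiManager 7.2 all versions, FortiManager 7.0 all versions, "
    "FortiManager Cloud 7.6.0 through 7.6.4, FortiManager Cloud 7.4.0 through 7.4.8, "
    "FortiManager Cloud 7.2 all versions, FortiManager Cloud 7.0 all versions"
)

Version = Tuple[int, ...]
# (low, high, original range text); high is None when the text says "all versions".
Range = Tuple[Version, Optional[Version], str]

# Longer product names come first so "FortiAnalyzer Cloud" is not read as "FortiAnalyzer".
_RANGE_RE = re.compile(
    r"(?P<product>FortiAnalyzer Cloud|FortiManager Cloud|FortiAnalyzer|FortiManager) "
    r"(?P<text>(?P<lo>\d+\.\d+\.\d+) through (?P<hi>\d+\.\d+\.\d+)"
    r"|(?P<branch>\d+\.\d+) all versions)"
)


def parse_version(s: str) -> Version:
    """Pull the dotted numeric part out of a version string ('v7.0.13 build0579' -> (7, 0, 13))."""
    m = re.search(r"\d+(?:\.\d+)+", s)
    if not m:
        raise ValueError(f"no version number in {s!r}")
    return tuple(int(p) for p in m.group(0).split("."))


def parse_affected(text: str) -> Dict[str, List[Range]]:
    """Map each product to the affected ranges the description names for it."""
    out: Dict[str, List[Range]] = {}
    for m in _RANGE_RE.finditer(text):
        if m.group("branch"):
            lo, hi = parse_version(m.group("branch")), None
        else:
            lo, hi = parse_version(m.group("lo")), parse_version(m.group("hi"))
        out.setdefault(m.group("product"), []).append((lo, hi, m.group("text")))
    return out


AFFECTED = parse_affected(DESCRIPTION)


def affected_range(product: str, version: str) -> Optional[str]:
    """Return the range text the build falls in, or None if the description does not list it.

    None only means this CVE text does not name the version; it says nothing about
    products or branches (for example anything older than 7.0) the text never mentions.
    """
    v = parse_version(version)
    for lo, hi, text in AFFECTED.get(product, []):
        if hi is None and v[:2] == lo[:2]:      # whole branch, e.g. "7.2 all versions"
            return text
        if hi is not None and lo <= v <= hi:    # inclusive bounded range
            return text
    return None


if __name__ == "__main__":
    # Constructed inventory of (product, version) pairs, not real hosts.
    inventory = [("FortiAnalyzer", "7.6.2"), ("FortiAnalyzer", "7.6.5"),
                 ("FortiManager Cloud", "7.2.7"), ("FortiManager", "7.4.9")]
    for product, version in inventory:
        hit = affected_range(product, version)
        print(f"{product} {version}: {'AFFECTED (' + hit + ')' if hit else 'not listed'}")
```

A bounded range such as "7.6.0 through 7.6.4" implies a later 7.6 patch exists; a branch marked "all versions" does not, so hosts there need a branch upgrade rather than a patch. Confirm the exact fixed builds against Fortinet's own advisory before acting on the output.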
NVD CVSS 3.1
7.2
Vulnerability type
CWE-89
SQL Injection
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026