automatic module_metadata_base.json update

jenkins-metasploit · jenkins-metasploit · commit 8062673bfcfe · 2025-11-17T15:19:06.000Z
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
@@ -2401,18 +2401,20 @@
     "fullname": "auxiliary/admin/http/fortinet_fortiweb_create_admin",
     "aliases": [],
     "rank": 300,
-    "disclosure_date": null,
+    "disclosure_date": "2025-11-14",
     "type": "auxiliary",
     "author": [
       "Defused",
       "sfewer-r7"
     ],
-    "description": "This auxiliary module exploits an authentication bypass via path traversal vulnerability in the Fortinet\n          FortiWeb management interface to create a new local administrator user account. This vulnerability\n          appears to be patched in the latest version of the product, version 8.0.2.",
+    "description": "This auxiliary module exploits an authentication bypass via path traversal vulnerability in the Fortinet\n          FortiWeb management interface to create a new local administrator user account. This vulnerability affects the\n          following versions:\n\n          * FortiWeb 8.0.0 through 8.0.1 (Patched in 8.0.2 and above)\n          * FortiWeb 7.6.0 through 7.6.4 (Patched in 7.6.5 and above)\n          * FortiWeb 7.4.0 through 7.4.9 (Patched in 7.4.10 and above)\n          * FortiWeb 7.2.0 through 7.2.11 (Patched in 7.2.12 and above)\n          * FortiWeb 7.0.0 through 7.0.11 (Patched in 7.0.12 and above)",
     "references": [
+      "CVE-2025-64446",
       "URL-https://x.com/defusedcyber/status/1975242250373517373",
       "URL-https://github.com/watchtowrlabs/watchTowr-vs-Fortiweb-AuthBypass",
       "URL-https://www.pwndefend.com/2025/11/13/suspected-fortinet-zero-day-exploited-in-the-wild/",
-      "URL-https://www.rapid7.com/blog/post/etr-critical-vulnerability-in-fortinet-fortiweb-exploited-in-the-wild/"
+      "URL-https://www.rapid7.com/blog/post/etr-critical-vulnerability-in-fortinet-fortiweb-exploited-in-the-wild/",
+      "URL-https://www.fortiguard.com/psirt/FG-IR-25-910"
     ],
     "platform": "",
     "arch": "",
@@ -2433,7 +2435,7 @@
       "https"
     ],
     "targets": null,
-    "mod_time": "2025-11-14 12:02:10 +0000",
+    "mod_time": "2025-11-14 17:06:30 +0000",
     "path": "/modules/auxiliary/admin/http/fortinet_fortiweb_create_admin.rb",
     "is_install_path": true,
     "ref_name": "admin/http/fortinet_fortiweb_create_admin",
