Fortinet has disclosed a new security vulnerability affecting its FortiOS SSL-VPN web-mode that allows authenticated users to gain unauthorized access to complete SSL-VPN configuration settings through specially crafted URLs.

The vulnerability, designated as CVE-2025-25250, was published today and affects multiple versions of the popular network security platform.