The AppSec Insiders

Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know

For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizations of all sizes with their cybersecurity needs.

If you’re an AppSec professional looking for an opportunity to work with some of the best in the industry, or a developer with an interest in cybersecurity, be sure to check out our careers page at ForwardSecurity.com/careers

We would greatly appreciate it if you subscribed to the podcast wherever you listen to the show, and be sure to follow us on LinkedIn and Twitter at Forward Security. Links are in the show notes.

• https://www.ForwardSecurity.com
• https://www.linkedin.com/company/fwdsec/mycompany/verification/
• https://twitter.com/fwd_sec

All Episodes

The AppSec Insiders

SQL Injection to RCE: Fortinet's Critical Vulnerability Exposed | The AppSec Insiders Podcast Ep. 17

August 27, 2025 • Farshad Abasi • Season 1 • Episode 17

On this episode of The AppSec Insiders Podcast, we dive into CVE-2025-25257, a Fortinet FortiWeb Fabric Connector SQL injection vulnerability that escalates to RCE. We break down how this exploit works, why it’s so impactful, and what lessons organizations can learn, from proper network segmentation to the importance of SAST in your pipeline.

We also touch on broader trends, from IoT security issues to recurring mistakes in network management. Plus, we share upcoming events where you can meet us in person and give a quick update on the Eureka DevSecOps platform launch.