A zero-day vulnerability affecting Fortinet devices has been identified, allowing attackers to create admin-level user accounts through a specific HTTP POST request. The exploit targets FortiWeb versions below 8.0.2, and multiple source IPs and credential combinations have been linked to the attack. Users should investigate their devices, especially if management interfaces are exposed.