CVE-2025-53679 — OS Command Injection in Fortinet Fortisandbox
Severity
7.2 HIGH (NVD)
EPSS
0.3% (top 45.50%)
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
(listed in the description below)
Timeline
Published 2025-12-09
Description
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox Cloud 24.1 and FortiSandbox Cloud 23 all versions allows a remote privileged attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests. The CVSS vector rates Privileges Required as High (PR:H): exploitation needs an already authenticated, highly privileged account, which is what holds the base score at 7.2 despite the full confidentiality, integrity and availability impact; the same vector with PR:N would score 9.8. In practice, the credentials that reach the HTTP/HTTPS management interface are the effective exposure boundary for this issue.
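To make the CWE-78 pattern concrete, the Python below is an added, generic illustration; it is not FortiSandbox code or Fortinet's implementation, and this page says nothing about which request parameter or which command is involved. The attacker input is constructed for the demo. It shows a request parameter carrying a shell separator being concatenated into a shell command line (the vulnerable pattern), then the hardened form: an allowlist check followed by an argv list executed without a shell. `echo` stands in for whatever tool the real code would invoke so the demo has no side effects.

```python
import re
import subprocess

# Constructed attacker-controlled request parameter (not a real FortiSandbox payload):
# a hostname field carrying a shell command separator and a second command.
INJECTED_HOST = "10.0.0.5; echo INJECTED"

# Strict allowlist for what a hostname/IP parameter may legitimately contain.
HOST_RE = re.compile(r"^[A-Za-z0-9.-]{1,253}$")


def run_vulnerable(host: str) -> list[str]:
    """CWE-78 pattern: the request parameter is concatenated into a command
    string that is handed to a shell. 'echo' stands in for the real tool
    (e.g. ping); the shell still parses ';' as a command separator, so the
    second command runs with the service's privileges."""
    cmd = f"echo {host}"
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True, check=True)
    return out.stdout.splitlines()


def run_argv_only(host: str) -> list[str]:
    """Argv list with no shell: metacharacters can no longer start a second
    command, but unvalidated junk is still passed literally to the tool."""
    out = subprocess.run(["echo", host], capture_output=True, text=True, check=True)
    return out.stdout.splitlines()


def run_hardened(host: str) -> list[str]:
    """Hardened form: reject anything outside the allowlist before execution,
    then pass an argv list without a shell."""
    if not HOST_RE.match(host):
        raise ValueError(f"rejected host parameter: {host!r}")
    out = subprocess.run(["echo", host], capture_output=True, text=True, check=True)
    return out.stdout.splitlines()


if __name__ == "__main__":
    print("vulnerable:", run_vulnerable(INJECTED_HOST))  # two lines, 'INJECTED' ran as its own command
    print("argv only: ", run_argv_only(INJECTED_HOST))   # one line, the literal parameter
    try:
        run_hardened(INJECTED_HOST)
    except ValueError as exc:
        print("hardened:  ", exc)
```

Both fixes matter: the argv list removes the shell from the path, and the allowlist stops hostile values from ever reaching the tool. When auditing a codebase for this class of bug, the review heuristic is any `system()`, `popen()` or `shell=True` call whose command string incorporates request-derived data.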
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (Exploitability: 1.2 | Impact: 5.9)
Affected packages
4 packages
Vulnerability details
2 sources
CVE List (2025-12-09)
CVE-2025-53679: An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortinet FortiSa
GHSA (2025-12-09)
GHSA-g2jf-rc5w-j8rp: An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSandbox version