Fortinet Fortisandbox vulnerabilities

CVE-2026-39808 [CRITICAL] CWE-78 CVE-2026-39808: A improper neutralization of special elements used in an os command ('os command injection') vulnera A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.8 may allow attacker to execute unauthorized code or commands via

CVE-2026-39813 [CRITICAL] CWE-24 CVE-2026-39813: A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSand A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8 may allow attacker to escalation of privilege via

CVE-2026-39812 [MEDIUM] CWE-79 CVE-2026-39812: A improper neutralization of input during web page generation ('cross-site scripting') vulnerability A improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox PaaS 5.0.0 through 5.0.5, FortiSandbox PaaS 4.4.0 through 4.4.8, FortiSandbox PaaS 4.2 all versions may allow attacker to execu

CVE-2025-61886 [MEDIUM] CWE-79 CVE-2025-61886: An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilit An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox PaaS 5.0.0 through 5.0.4 may allow an attacker to perform an XSS attack via crafted HTTP requests.

CVE-2026-25691 [MEDIUM] CWE-22 CVE-2026-25691: A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to delete an arbitrary d

CVE-2026-27316 [LOW] CWE-522 CVE-2026-27316: A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, F A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection.

CVE-2025-53608 [MEDIUM] CWE-79 CVE-2025-53608: An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilit An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated privileged attacker to execute code via crafted requests.

CVE-2025-52436 [HIGH] CWE-79 CVE-2025-52436: An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilit An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an unauthenticated attacker to execute commands via crafted requests.

CVE-2025-67685 [LOW] CWE-918 CVE-2025-67685: A Server-Side Request Forgery (SSRF) vulnerability [CWE-918] vulnerability in Fortinet FortiSandbox A Server-Side Request Forgery (SSRF) vulnerability [CWE-918] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox 4.4 all versions, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated attacker to proxy internal requests limited to plaintext endpoints only via crafted HTTP requests.

CVE-2025-53679 [HIGH] CWE-78 CVE-2025-53679: An improper neutralization of special elements used in an OS command ('OS Command Injection') vulner An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox Cloud 24.1, FortiSandbox Cloud 23 all versions allows a remote privi

CVE-2025-53949 [HIGH] CWE-78 CVE-2025-53949: An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulner An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated attacker to execute unauthorized code on the underlying

CVE-2025-54353 [MEDIUM] CWE-79 CVE-2025-54353: An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilit An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an attacker to perform an XSS attack via crafted HTTP requests.

CVE-2025-46215 [MEDIUM] CWE-653 CVE-2025-46215: An Improper Isolation or Compartmentalization vulnerability [CWE-653] in Fortinet FortiSandbox 5.0.0 An Improper Isolation or Compartmentalization vulnerability [CWE-653] in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an unauthenticated attacker to evade the sandboxing scan via a crafted file.

CVE-2024-27779 [MEDIUM] CWE-613 CVE-2024-27779: An insufficient session expiration vulnerability [CWE-613] in FortiSandbox FortiSandbox version 4.4. An insufficient session expiration vulnerability [CWE-613] in FortiSandbox FortiSandbox version 4.4.4 and below, version 4.2.6 and below, 4.0 all versions, 3.2 all versions and FortiIsolator version 2.4 and below, 2.3 all versions, 2.2 all versions, 2.1 all versions, 2.0 all versions, 1.2 all versions may allow a remote attacker in possession of an

CVE-2021-26105 [MEDIUM] CWE-358 CVE-2021-26105: A stack-based buffer overflow vulnerability (CWE-121) in the profile parser of FortiSandbox version A stack-based buffer overflow vulnerability (CWE-121) in the profile parser of FortiSandbox version 3.2.2 and below, version 3.1.4 and below may allow an authenticated attacker to potentially execute unauthorized code or commands via specifically crafted HTTP requests.

CVE-2024-54027 [HIGH] CWE-321 CVE-2024-54027: A Use of Hard-coded Cryptographic Key vulnerability [CWE-321] in FortiSandbox version 4.4.6 and belo A Use of Hard-coded Cryptographic Key vulnerability [CWE-321] in FortiSandbox version 4.4.6 and below, version 4.2.7 and below, version 4.0.5 and below, version 3.2.4 and below, version 3.1.5 and below, version 3.0.7 to 3.0.5 may allow a privileged attacker with super-admin profile and CLI access to read sensitive data via CLI.

CVE-2024-52960 [MEDIUM] CWE-602 CVE-2024-52960: A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet FortiSandbox v A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.6 and before 4.2.7 allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests.

CVE-2024-45328 [HIGH] CWE-863 CVE-2024-45328: An incorrect authorization vulnerability [CWE-863] in FortiSandbox 4.4.0 through 4.4.6 may allow a l An incorrect authorization vulnerability [CWE-863] in FortiSandbox 4.4.0 through 4.4.6 may allow a low priviledged administrator to execute elevated CLI commands via the GUI console menu.

CVE-2024-54018 [HIGH] CWE-78 CVE-2024-54018: Multiple improper neutralization of special elements used in an OS Command vulnerabilities [CWE-78] Multiple improper neutralization of special elements used in an OS Command vulnerabilities [CWE-78] in FortiSandbox before 4.4.5 allows a privileged attacker to execute unauthorized commands via crafted requests.

CVE-2024-52961 [HIGH] CWE-78 CVE-2024-52961: An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerab An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0, FortiSandbox 4.4.0 through 4.4.6, FortiSandbox 4.2.1 through 4.2.7, FortiSandbox 4.0.0 through 4.0.5, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all versions allows an authenticate