Search
Find a vulnerability
Search criteria
18 vulnerabilities found for fortisandbox_cloud by fortinet
CVE-2026-25089 (GCVE-0-2026-25089)
Vulnerability from nvd – Published: 2026-06-09 14:27 – Updated: 2026-06-10 13:35
VLAI
Summary
A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.5
(semver)
Affected: 4.4.0 , ≤ 4.4.8 (semver) Affected: 4.2.1 , ≤ 4.2.8 (semver) cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox Cloud |
Affected:
5.0.4 , ≤ 5.0.5
(semver)
cpe:2.3:a:fortinet:fortisandboxcloud:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxcloud:5.0.4:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox PaaS |
Affected:
5.0.4 , ≤ 5.0.5
(semver)
cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25089",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T03:58:38.447554Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T13:35:01.375Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.8",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxcloud:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxcloud:5.0.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox Cloud",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.4",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox PaaS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.4",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T14:27:47.492Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-141",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-141"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to upcoming FortiSandbox version 5.2.0 or above\nUpgrade to FortiSandbox version 5.0.6 or above\nUpgrade to FortiSandbox version 4.4.9 or above\nUpgrade to upcoming FortiSandbox PaaS version 5.2.0 or above\nUpgrade to FortiSandbox PaaS version 5.0.6 or above\nFortinet remediated this issue in FortiSandbox Cloud version 5.2.0 (not released) and hence customers do not need to perform any action.\nFortinet remediated this issue in FortiSandbox Cloud version 5.0.6 (not released) and hence customers do not need to perform any action."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2026-25089",
"datePublished": "2026-06-09T14:27:47.492Z",
"dateReserved": "2026-01-29T09:27:29.820Z",
"dateUpdated": "2026-06-10T13:35:01.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-26083 (GCVE-0-2026-26083)
Vulnerability from nvd – Published: 2026-05-12 16:54 – Updated: 2026-05-13 03:58
VLAI
Summary
A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all versions, FortiSandbox PaaS 22.1 all versions, FortiSandbox PaaS 21.4 all versions, FortiSandbox PaaS 21.3 all versions, FortiSandbox PaaS 5.0.0 through 5.0.1, FortiSandbox PaaS 4.4.5 through 4.4.8 may allow an unauthenticated attacker to execute unauthorized code or commands via HTTP requests.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox Cloud |
Affected:
5.0.0 , ≤ 5.0.1
(semver)
Affected: 4.4.5 , ≤ 4.4.8 (semver) cpe:2.3:a:fortinet:fortisandboxcloud:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxcloud:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxcloud:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxcloud:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxcloud:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxcloud:4.4.5:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.1
(semver)
Affected: 4.4.0 , ≤ 4.4.8 (semver) Affected: 4.2.1 , ≤ 4.2.8 (semver) cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox PaaS |
Affected:
23.4.4374
Affected: 23.4.4350 Affected: 23.3.4329 Affected: 23.1.4245 Affected: 22.2.4151 Affected: 22.2.4134 Affected: 22.1.4113 Affected: 21.4.4072 Affected: 21.3.4055 Affected: 5.0.0 , ≤ 5.0.1 (semver) Affected: 4.4.5 , ≤ 4.4.8 (semver) cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4374:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4350:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:23.3.4329:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:23.1.4245:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4151:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4134:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:22.1.4113:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:21.4.4072:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:21.3.4055:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.5:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26083",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:58:29.159Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxcloud:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxcloud:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxcloud:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxcloud:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxcloud:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxcloud:4.4.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox Cloud",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.1",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.8",
"status": "affected",
"version": "4.4.5",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.1",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.8",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4374:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4350:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:23.3.4329:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:23.1.4245:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4151:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4134:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:22.1.4113:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:21.4.4072:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:21.3.4055:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox PaaS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "23.4.4374"
},
{
"status": "affected",
"version": "23.4.4350"
},
{
"status": "affected",
"version": "23.3.4329"
},
{
"status": "affected",
"version": "23.1.4245"
},
{
"status": "affected",
"version": "22.2.4151"
},
{
"status": "affected",
"version": "22.2.4134"
},
{
"status": "affected",
"version": "22.1.4113"
},
{
"status": "affected",
"version": "21.4.4072"
},
{
"status": "affected",
"version": "21.3.4055"
},
{
"lessThanOrEqual": "5.0.1",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.8",
"status": "affected",
"version": "4.4.5",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all versions, FortiSandbox PaaS 22.1 all versions, FortiSandbox PaaS 21.4 all versions, FortiSandbox PaaS 21.3 all versions, FortiSandbox PaaS 5.0.0 through 5.0.1, FortiSandbox PaaS 4.4.5 through 4.4.8 may allow an unauthenticated attacker to execute unauthorized code or commands via HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:54:04.923Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-136",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-136"
}
],
"solutions": [
{
"lang": "en",
"value": "Fortinet remediated this issue in FortiSandbox Cloud version 5.0.2 and hence customers do not need to perform any action.\nFortinet remediated this issue in FortiSandbox Cloud version 4.4.9 and hence customers do not need to perform any action.\nUpgrade to FortiSandbox version 5.0.2 or above\nUpgrade to FortiSandbox version 4.4.9 or above\nUpgrade to FortiSandbox PaaS version 5.0.2 or above\nUpgrade to FortiSandbox PaaS version 4.4.9 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2026-26083",
"datePublished": "2026-05-12T16:54:04.923Z",
"dateReserved": "2026-02-11T09:32:22.258Z",
"dateUpdated": "2026-05-13T03:58:29.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-39812 (GCVE-0-2026-39812)
Vulnerability from nvd – Published: 2026-04-14 15:38 – Updated: 2026-04-14 16:46
VLAI
Summary
A improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox PaaS 5.0.0 through 5.0.5, FortiSandbox PaaS 4.4.0 through 4.4.8, FortiSandbox PaaS 4.2 all versions may allow attacker to execute unauthorized code or commands via <insert attack vector here>
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.4
(semver)
Affected: 4.4.0 , ≤ 4.4.8 (semver) Affected: 4.2.1 , ≤ 4.2.8 (semver) cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox PaaS |
Affected:
5.0.0 , ≤ 5.0.5
(semver)
Affected: 4.4.0 , ≤ 4.4.8 (semver) Affected: 4.2.1 , ≤ 4.2.8 (semver) cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-39812",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T16:26:08.654637Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:46:15.629Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.4",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.8",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox PaaS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.8",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox PaaS 5.0.0 through 5.0.5, FortiSandbox PaaS 4.4.0 through 4.4.8, FortiSandbox PaaS 4.2 all versions may allow attacker to execute unauthorized code or commands via \u003cinsert attack vector here\u003e"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T15:38:18.366Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-110",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-110"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiSandbox version 5.0.6 or above\nUpgrade to FortiSandbox version 4.4.9 or above\nUpgrade to FortiSandbox PaaS version 5.0.6 or above\nUpgrade to FortiSandbox PaaS version 4.4.9 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2026-39812",
"datePublished": "2026-04-14T15:38:18.366Z",
"dateReserved": "2026-04-07T15:24:11.535Z",
"dateUpdated": "2026-04-14T16:46:15.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27316 (GCVE-0-2026-27316)
Vulnerability from nvd – Published: 2026-04-14 15:38 – Updated: 2026-04-14 16:46
VLAI
Summary
A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-522 - Information disclosure
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.5
(semver)
Affected: 4.4.0 , ≤ 4.4.9 (semver) cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox PaaS |
Affected:
23.4.4374
Affected: 23.4.4350 Affected: 23.3.4329 Affected: 23.1.4245 Affected: 22.2.4151 Affected: 22.2.4134 Affected: 22.1.4113 Affected: 21.4.4072 Affected: 21.3.4055 Affected: 5.0.1 , ≤ 5.0.5 (semver) cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4374:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4350:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:23.3.4329:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:23.1.4245:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4151:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4134:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:22.1.4113:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:21.4.4072:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:21.3.4055:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27316",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T16:29:34.942295Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:46:17.486Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.9",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4374:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4350:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:23.3.4329:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:23.1.4245:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4151:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4134:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:22.1.4113:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:21.4.4072:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:21.3.4055:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox PaaS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "23.4.4374"
},
{
"status": "affected",
"version": "23.4.4350"
},
{
"status": "affected",
"version": "23.3.4329"
},
{
"status": "affected",
"version": "23.1.4245"
},
{
"status": "affected",
"version": "22.2.4151"
},
{
"status": "affected",
"version": "22.2.4134"
},
{
"status": "affected",
"version": "22.1.4113"
},
{
"status": "affected",
"version": "21.4.4072"
},
{
"status": "affected",
"version": "21.3.4055"
},
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T15:38:02.149Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-113",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-113"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to upcoming FortiSandbox version 5.2.0 or above\nUpgrade to FortiSandbox version 5.0.6 or above\nUpgrade to FortiSandbox PaaS version 5.0.6 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2026-27316",
"datePublished": "2026-04-14T15:38:02.149Z",
"dateReserved": "2026-02-19T09:02:02.381Z",
"dateUpdated": "2026-04-14T16:46:17.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25691 (GCVE-0-2026-25691)
Vulnerability from nvd – Published: 2026-04-14 15:38 – Updated: 2026-04-14 16:46
VLAI
Summary
A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to delete an arbitrary directory via HTTP crafted requests.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox PaaS |
Affected:
5.0.4
cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox Cloud |
Affected:
5.0.4
cpe:2.3:a:fortinet:fortisandboxcloud:5.0.4:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.5
(semver)
Affected: 4.4.0 , ≤ 4.4.8 (semver) Affected: 4.2.1 , ≤ 4.2.8 (semver) cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25691",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T16:34:33.306644Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:46:16.085Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox PaaS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "5.0.4"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxcloud:5.0.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox Cloud",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "5.0.4"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.8",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper limitation of a pathname to a restricted directory (\u0027path traversal\u0027) vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to delete an arbitrary directory via HTTP crafted requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T15:38:16.406Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-115",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-115"
}
],
"solutions": [
{
"lang": "en",
"value": "Fortinet remediated this issue in FortiSandbox Cloud version 5.0.5 and hence customers do not need to perform any action.\nUpgrade to upcoming FortiSandbox version 5.2.0 or above\nUpgrade to FortiSandbox version 5.0.6 or above\nUpgrade to FortiSandbox version 4.4.9 or above\nUpgrade to FortiSandbox PaaS version 5.0.5 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2026-25691",
"datePublished": "2026-04-14T15:38:16.406Z",
"dateReserved": "2026-02-05T08:56:55.794Z",
"dateUpdated": "2026-04-14T16:46:16.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-61886 (GCVE-0-2025-61886)
Vulnerability from nvd – Published: 2026-04-14 15:38 – Updated: 2026-04-14 16:46
VLAI
Summary
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox PaaS 5.0.0 through 5.0.4 may allow an attacker to perform an XSS attack via crafted HTTP requests.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox PaaS |
Affected:
5.0.0 , ≤ 5.0.4
(semver)
cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.4
(semver)
cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61886",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T16:24:45.323517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:46:15.066Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox PaaS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.4",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.4",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox PaaS 5.0.0 through 5.0.4 may allow an attacker to perform an XSS attack via crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T15:38:21.587Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-109",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-109"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiSandbox PaaS version 5.0.5 or above\nUpgrade to FortiSandbox version 5.0.5 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-61886",
"datePublished": "2026-04-14T15:38:21.587Z",
"dateReserved": "2025-10-03T08:50:52.097Z",
"dateUpdated": "2026-04-14T16:46:15.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25836 (GCVE-0-2026-25836)
Vulnerability from nvd – Published: 2026-03-10 16:44 – Updated: 2026-05-12 16:54
VLAI
Summary
An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to execute unauthorized code or commands via crafted HTTP requests.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox Cloud |
Affected:
5.0.4
cpe:2.3:a:fortinet:fortisandboxcloud:5.0.4:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox PaaS |
Affected:
5.0.4
cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25836",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T03:56:56.585Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxcloud:5.0.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox Cloud",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "5.0.4"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox PaaS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "5.0.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an os command (\u0027os command injection\u0027) vulnerability in Fortinet FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to execute unauthorized code or commands via crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:54:09.916Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-096",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-096"
}
],
"solutions": [
{
"lang": "en",
"value": "Fortinet remediated this issue in FortiSandbox Cloud version 5.0.5 and hence customers do not need to perform any action.\nUpgrade to FortiSandbox PaaS version 5.0.5 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2026-25836",
"datePublished": "2026-03-10T16:44:06.991Z",
"dateReserved": "2026-02-06T08:48:58.542Z",
"dateUpdated": "2026-05-12T16:54:09.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53679 (GCVE-0-2025-53679)
Vulnerability from nvd – Published: 2025-12-09 17:19 – Updated: 2026-02-26 16:56
VLAI
Summary
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox Cloud 24.1, FortiSandbox Cloud 23 all versions allows a remote privileged attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.2
(semver)
Affected: 4.4.0 , ≤ 4.4.7 (semver) Affected: 4.2.1 , ≤ 4.2.8 (semver) Affected: 4.0.0 , ≤ 4.0.6 (semver) cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox Cloud |
Affected:
24.1
Affected: 23.4 cpe:2.3:a:fortinet:fortisandboxcloud:24.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxcloud:23.4:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53679",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-10T04:57:29.061841Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:56:59.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.2",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.7",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.0.6",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxcloud:24.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxcloud:23.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox Cloud",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "24.1"
},
{
"status": "affected",
"version": "23.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027) vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox Cloud 24.1, FortiSandbox Cloud 23 all versions allows a remote privileged attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T12:52:34.446Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-454",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-454"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiSandbox version 5.0.3 or above\nUpgrade to FortiSandbox version 4.4.8 or above\nFortinet remediated this issue in FortiSandbox Cloud version 24.2 (not released) and hence customers do not need to perform any action."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-53679",
"datePublished": "2025-12-09T17:19:51.110Z",
"dateReserved": "2025-07-08T09:23:05.010Z",
"dateUpdated": "2026-02-26T16:56:59.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-54026 (GCVE-0-2024-54026)
Vulnerability from nvd – Published: 2025-03-11 14:54 – Updated: 2026-01-14 14:16
VLAI
Summary
An improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiSandbox 4.4.0 through 4.4.6, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all versions, FortiSandbox Cloud 24.1 allows attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-89 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox |
Affected:
4.4.0 , ≤ 4.4.6
(semver)
Affected: 4.2.1 , ≤ 4.2.8 (semver) Affected: 4.0.0 , ≤ 4.0.6 (semver) Affected: 3.2.0 , ≤ 3.2.4 (semver) Affected: 3.1.0 , ≤ 3.1.5 (semver) Affected: 3.0.0 , ≤ 3.0.7 (semver) cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.1.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.1.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.1.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.1.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.1.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.1.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox Cloud |
Affected:
24.1
cpe:2.3:a:fortinet:fortisandboxcloud:24.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-54026",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-11T16:02:30.152318Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T16:05:02.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.1.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "4.4.6",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.0.6",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.2.4",
"status": "affected",
"version": "3.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.1.5",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.0.7",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxcloud:24.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox Cloud",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "24.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an sql command (\u0027sql injection\u0027) in Fortinet FortiSandbox 4.4.0 through 4.4.6, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all versions, FortiSandbox Cloud 24.1 allows attacker to execute unauthorized code or commands via specifically crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T14:16:03.420Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-353",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-353"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiSandbox version 5.0.1 or above\nUpgrade to FortiSandbox version 4.4.7 or above\nFortinet remediated this issue in FortiSandbox Cloud version 24.2 (not released) and hence customers do not need to perform any action."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-54026",
"datePublished": "2025-03-11T14:54:38.660Z",
"dateReserved": "2024-11-27T15:20:39.891Z",
"dateUpdated": "2026-01-14T14:16:03.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25089 (GCVE-0-2026-25089)
Vulnerability from cvelistv5 – Published: 2026-06-09 14:27 – Updated: 2026-06-10 13:35
VLAI
Summary
A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.5
(semver)
Affected: 4.4.0 , ≤ 4.4.8 (semver) Affected: 4.2.1 , ≤ 4.2.8 (semver) cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox Cloud |
Affected:
5.0.4 , ≤ 5.0.5
(semver)
cpe:2.3:a:fortinet:fortisandboxcloud:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxcloud:5.0.4:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox PaaS |
Affected:
5.0.4 , ≤ 5.0.5
(semver)
cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25089",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T03:58:38.447554Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T13:35:01.375Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.8",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxcloud:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxcloud:5.0.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox Cloud",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.4",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox PaaS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.4",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-09T14:27:47.492Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-141",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-141"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to upcoming FortiSandbox version 5.2.0 or above\nUpgrade to FortiSandbox version 5.0.6 or above\nUpgrade to FortiSandbox version 4.4.9 or above\nUpgrade to upcoming FortiSandbox PaaS version 5.2.0 or above\nUpgrade to FortiSandbox PaaS version 5.0.6 or above\nFortinet remediated this issue in FortiSandbox Cloud version 5.2.0 (not released) and hence customers do not need to perform any action.\nFortinet remediated this issue in FortiSandbox Cloud version 5.0.6 (not released) and hence customers do not need to perform any action."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2026-25089",
"datePublished": "2026-06-09T14:27:47.492Z",
"dateReserved": "2026-01-29T09:27:29.820Z",
"dateUpdated": "2026-06-10T13:35:01.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-26083 (GCVE-0-2026-26083)
Vulnerability from cvelistv5 – Published: 2026-05-12 16:54 – Updated: 2026-05-13 03:58
VLAI
Summary
A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all versions, FortiSandbox PaaS 22.1 all versions, FortiSandbox PaaS 21.4 all versions, FortiSandbox PaaS 21.3 all versions, FortiSandbox PaaS 5.0.0 through 5.0.1, FortiSandbox PaaS 4.4.5 through 4.4.8 may allow an unauthenticated attacker to execute unauthorized code or commands via HTTP requests.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox Cloud |
Affected:
5.0.0 , ≤ 5.0.1
(semver)
Affected: 4.4.5 , ≤ 4.4.8 (semver) cpe:2.3:a:fortinet:fortisandboxcloud:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxcloud:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxcloud:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxcloud:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxcloud:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxcloud:4.4.5:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.1
(semver)
Affected: 4.4.0 , ≤ 4.4.8 (semver) Affected: 4.2.1 , ≤ 4.2.8 (semver) cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox PaaS |
Affected:
23.4.4374
Affected: 23.4.4350 Affected: 23.3.4329 Affected: 23.1.4245 Affected: 22.2.4151 Affected: 22.2.4134 Affected: 22.1.4113 Affected: 21.4.4072 Affected: 21.3.4055 Affected: 5.0.0 , ≤ 5.0.1 (semver) Affected: 4.4.5 , ≤ 4.4.8 (semver) cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4374:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4350:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:23.3.4329:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:23.1.4245:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4151:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4134:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:22.1.4113:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:21.4.4072:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:21.3.4055:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.5:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26083",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:58:29.159Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxcloud:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxcloud:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxcloud:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxcloud:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxcloud:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxcloud:4.4.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox Cloud",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.1",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.8",
"status": "affected",
"version": "4.4.5",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.1",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.8",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4374:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4350:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:23.3.4329:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:23.1.4245:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4151:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4134:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:22.1.4113:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:21.4.4072:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:21.3.4055:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox PaaS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "23.4.4374"
},
{
"status": "affected",
"version": "23.4.4350"
},
{
"status": "affected",
"version": "23.3.4329"
},
{
"status": "affected",
"version": "23.1.4245"
},
{
"status": "affected",
"version": "22.2.4151"
},
{
"status": "affected",
"version": "22.2.4134"
},
{
"status": "affected",
"version": "22.1.4113"
},
{
"status": "affected",
"version": "21.4.4072"
},
{
"status": "affected",
"version": "21.3.4055"
},
{
"lessThanOrEqual": "5.0.1",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.8",
"status": "affected",
"version": "4.4.5",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all versions, FortiSandbox PaaS 22.1 all versions, FortiSandbox PaaS 21.4 all versions, FortiSandbox PaaS 21.3 all versions, FortiSandbox PaaS 5.0.0 through 5.0.1, FortiSandbox PaaS 4.4.5 through 4.4.8 may allow an unauthenticated attacker to execute unauthorized code or commands via HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:54:04.923Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-136",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-136"
}
],
"solutions": [
{
"lang": "en",
"value": "Fortinet remediated this issue in FortiSandbox Cloud version 5.0.2 and hence customers do not need to perform any action.\nFortinet remediated this issue in FortiSandbox Cloud version 4.4.9 and hence customers do not need to perform any action.\nUpgrade to FortiSandbox version 5.0.2 or above\nUpgrade to FortiSandbox version 4.4.9 or above\nUpgrade to FortiSandbox PaaS version 5.0.2 or above\nUpgrade to FortiSandbox PaaS version 4.4.9 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2026-26083",
"datePublished": "2026-05-12T16:54:04.923Z",
"dateReserved": "2026-02-11T09:32:22.258Z",
"dateUpdated": "2026-05-13T03:58:29.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-61886 (GCVE-0-2025-61886)
Vulnerability from cvelistv5 – Published: 2026-04-14 15:38 – Updated: 2026-04-14 16:46
VLAI
Summary
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox PaaS 5.0.0 through 5.0.4 may allow an attacker to perform an XSS attack via crafted HTTP requests.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox PaaS |
Affected:
5.0.0 , ≤ 5.0.4
(semver)
cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.4
(semver)
cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61886",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T16:24:45.323517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:46:15.066Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox PaaS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.4",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.4",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox PaaS 5.0.0 through 5.0.4 may allow an attacker to perform an XSS attack via crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T15:38:21.587Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-109",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-109"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiSandbox PaaS version 5.0.5 or above\nUpgrade to FortiSandbox version 5.0.5 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-61886",
"datePublished": "2026-04-14T15:38:21.587Z",
"dateReserved": "2025-10-03T08:50:52.097Z",
"dateUpdated": "2026-04-14T16:46:15.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-39812 (GCVE-0-2026-39812)
Vulnerability from cvelistv5 – Published: 2026-04-14 15:38 – Updated: 2026-04-14 16:46
VLAI
Summary
A improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox PaaS 5.0.0 through 5.0.5, FortiSandbox PaaS 4.4.0 through 4.4.8, FortiSandbox PaaS 4.2 all versions may allow attacker to execute unauthorized code or commands via <insert attack vector here>
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.4
(semver)
Affected: 4.4.0 , ≤ 4.4.8 (semver) Affected: 4.2.1 , ≤ 4.2.8 (semver) cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox PaaS |
Affected:
5.0.0 , ≤ 5.0.5
(semver)
Affected: 4.4.0 , ≤ 4.4.8 (semver) Affected: 4.2.1 , ≤ 4.2.8 (semver) cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:4.2.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-39812",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T16:26:08.654637Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:46:15.629Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.4",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.8",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:4.2.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox PaaS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.8",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox PaaS 5.0.0 through 5.0.5, FortiSandbox PaaS 4.4.0 through 4.4.8, FortiSandbox PaaS 4.2 all versions may allow attacker to execute unauthorized code or commands via \u003cinsert attack vector here\u003e"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T15:38:18.366Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-110",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-110"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiSandbox version 5.0.6 or above\nUpgrade to FortiSandbox version 4.4.9 or above\nUpgrade to FortiSandbox PaaS version 5.0.6 or above\nUpgrade to FortiSandbox PaaS version 4.4.9 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2026-39812",
"datePublished": "2026-04-14T15:38:18.366Z",
"dateReserved": "2026-04-07T15:24:11.535Z",
"dateUpdated": "2026-04-14T16:46:15.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25691 (GCVE-0-2026-25691)
Vulnerability from cvelistv5 – Published: 2026-04-14 15:38 – Updated: 2026-04-14 16:46
VLAI
Summary
A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to delete an arbitrary directory via HTTP crafted requests.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox PaaS |
Affected:
5.0.4
cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox Cloud |
Affected:
5.0.4
cpe:2.3:a:fortinet:fortisandboxcloud:5.0.4:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.5
(semver)
Affected: 4.4.0 , ≤ 4.4.8 (semver) Affected: 4.2.1 , ≤ 4.2.8 (semver) cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25691",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T16:34:33.306644Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:46:16.085Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox PaaS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "5.0.4"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxcloud:5.0.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox Cloud",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "5.0.4"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.8",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper limitation of a pathname to a restricted directory (\u0027path traversal\u0027) vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to delete an arbitrary directory via HTTP crafted requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T15:38:16.406Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-115",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-115"
}
],
"solutions": [
{
"lang": "en",
"value": "Fortinet remediated this issue in FortiSandbox Cloud version 5.0.5 and hence customers do not need to perform any action.\nUpgrade to upcoming FortiSandbox version 5.2.0 or above\nUpgrade to FortiSandbox version 5.0.6 or above\nUpgrade to FortiSandbox version 4.4.9 or above\nUpgrade to FortiSandbox PaaS version 5.0.5 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2026-25691",
"datePublished": "2026-04-14T15:38:16.406Z",
"dateReserved": "2026-02-05T08:56:55.794Z",
"dateUpdated": "2026-04-14T16:46:16.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27316 (GCVE-0-2026-27316)
Vulnerability from cvelistv5 – Published: 2026-04-14 15:38 – Updated: 2026-04-14 16:46
VLAI
Summary
A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-522 - Information disclosure
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.5
(semver)
Affected: 4.4.0 , ≤ 4.4.9 (semver) cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox PaaS |
Affected:
23.4.4374
Affected: 23.4.4350 Affected: 23.3.4329 Affected: 23.1.4245 Affected: 22.2.4151 Affected: 22.2.4134 Affected: 22.1.4113 Affected: 21.4.4072 Affected: 21.3.4055 Affected: 5.0.1 , ≤ 5.0.5 (semver) cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4374:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4350:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:23.3.4329:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:23.1.4245:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4151:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4134:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:22.1.4113:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:21.4.4072:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:21.3.4055:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27316",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T16:29:34.942295Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:46:17.486Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.9",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4374:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4350:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:23.3.4329:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:23.1.4245:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4151:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4134:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:22.1.4113:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:21.4.4072:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:21.3.4055:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox PaaS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "23.4.4374"
},
{
"status": "affected",
"version": "23.4.4350"
},
{
"status": "affected",
"version": "23.3.4329"
},
{
"status": "affected",
"version": "23.1.4245"
},
{
"status": "affected",
"version": "22.2.4151"
},
{
"status": "affected",
"version": "22.2.4134"
},
{
"status": "affected",
"version": "22.1.4113"
},
{
"status": "affected",
"version": "21.4.4072"
},
{
"status": "affected",
"version": "21.3.4055"
},
{
"lessThanOrEqual": "5.0.5",
"status": "affected",
"version": "5.0.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T15:38:02.149Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-113",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-113"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to upcoming FortiSandbox version 5.2.0 or above\nUpgrade to FortiSandbox version 5.0.6 or above\nUpgrade to FortiSandbox PaaS version 5.0.6 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2026-27316",
"datePublished": "2026-04-14T15:38:02.149Z",
"dateReserved": "2026-02-19T09:02:02.381Z",
"dateUpdated": "2026-04-14T16:46:17.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25836 (GCVE-0-2026-25836)
Vulnerability from cvelistv5 – Published: 2026-03-10 16:44 – Updated: 2026-05-12 16:54
VLAI
Summary
An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to execute unauthorized code or commands via crafted HTTP requests.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox Cloud |
Affected:
5.0.4
cpe:2.3:a:fortinet:fortisandboxcloud:5.0.4:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox PaaS |
Affected:
5.0.4
cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25836",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T03:56:56.585Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxcloud:5.0.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox Cloud",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "5.0.4"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxpaas:5.0.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox PaaS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "5.0.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an os command (\u0027os command injection\u0027) vulnerability in Fortinet FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to execute unauthorized code or commands via crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:54:09.916Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-096",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-096"
}
],
"solutions": [
{
"lang": "en",
"value": "Fortinet remediated this issue in FortiSandbox Cloud version 5.0.5 and hence customers do not need to perform any action.\nUpgrade to FortiSandbox PaaS version 5.0.5 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2026-25836",
"datePublished": "2026-03-10T16:44:06.991Z",
"dateReserved": "2026-02-06T08:48:58.542Z",
"dateUpdated": "2026-05-12T16:54:09.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53679 (GCVE-0-2025-53679)
Vulnerability from cvelistv5 – Published: 2025-12-09 17:19 – Updated: 2026-02-26 16:56
VLAI
Summary
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox Cloud 24.1, FortiSandbox Cloud 23 all versions allows a remote privileged attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox |
Affected:
5.0.0 , ≤ 5.0.2
(semver)
Affected: 4.4.0 , ≤ 4.4.7 (semver) Affected: 4.2.1 , ≤ 4.2.8 (semver) Affected: 4.0.0 , ≤ 4.0.6 (semver) cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox Cloud |
Affected:
24.1
Affected: 23.4 cpe:2.3:a:fortinet:fortisandboxcloud:24.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandboxcloud:23.4:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53679",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-10T04:57:29.061841Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:56:59.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.0.2",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.7",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.0.6",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxcloud:24.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandboxcloud:23.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox Cloud",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "24.1"
},
{
"status": "affected",
"version": "23.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027) vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox Cloud 24.1, FortiSandbox Cloud 23 all versions allows a remote privileged attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T12:52:34.446Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-454",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-454"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiSandbox version 5.0.3 or above\nUpgrade to FortiSandbox version 4.4.8 or above\nFortinet remediated this issue in FortiSandbox Cloud version 24.2 (not released) and hence customers do not need to perform any action."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-53679",
"datePublished": "2025-12-09T17:19:51.110Z",
"dateReserved": "2025-07-08T09:23:05.010Z",
"dateUpdated": "2026-02-26T16:56:59.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-54026 (GCVE-0-2024-54026)
Vulnerability from cvelistv5 – Published: 2025-03-11 14:54 – Updated: 2026-01-14 14:16
VLAI
Summary
An improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiSandbox 4.4.0 through 4.4.6, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all versions, FortiSandbox Cloud 24.1 allows attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-89 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSandbox |
Affected:
4.4.0 , ≤ 4.4.6
(semver)
Affected: 4.2.1 , ≤ 4.2.8 (semver) Affected: 4.0.0 , ≤ 4.0.6 (semver) Affected: 3.2.0 , ≤ 3.2.4 (semver) Affected: 3.1.0 , ≤ 3.1.5 (semver) Affected: 3.0.0 , ≤ 3.0.7 (semver) cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.1.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.1.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.1.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.1.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.1.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.1.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.0.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiSandbox Cloud |
Affected:
24.1
cpe:2.3:a:fortinet:fortisandboxcloud:24.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-54026",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-11T16:02:30.152318Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T16:05:02.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.1.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "4.4.6",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.8",
"status": "affected",
"version": "4.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.0.6",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.2.4",
"status": "affected",
"version": "3.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.1.5",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.0.7",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandboxcloud:24.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox Cloud",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "24.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an sql command (\u0027sql injection\u0027) in Fortinet FortiSandbox 4.4.0 through 4.4.6, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all versions, FortiSandbox Cloud 24.1 allows attacker to execute unauthorized code or commands via specifically crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T14:16:03.420Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-353",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-353"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiSandbox version 5.0.1 or above\nUpgrade to FortiSandbox version 4.4.7 or above\nFortinet remediated this issue in FortiSandbox Cloud version 24.2 (not released) and hence customers do not need to perform any action."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-54026",
"datePublished": "2025-03-11T14:54:38.660Z",
"dateReserved": "2024-11-27T15:20:39.891Z",
"dateUpdated": "2026-01-14T14:16:03.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}