CRITICAL🇵🇱 Wersja polska

CVE-2026-25089

CVSS 9.8v3.1pub. 2026-06-09upd. 2026-06-11

A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests

🤖 AI Analysis
How it works

The vulnerability involves improper neutralization of special characters used in operating system commands (CWE-78). An attacker can send a specially crafted HTTP request containing malicious elements that are not properly filtered before being passed to the system command interpreter. Since the exploit does not require authentication or user interaction, the attack can be carried out remotely over the network without any prerequisites.

Impact

An attacker can execute arbitrary operating system commands on the device or cloud instance, which in practice may result in complete system takeover, data breach, configuration modification, or service disruption.

Mitigation & patch

Apply patches available from the vendor according to references (https://fortiguard.fortinet.com/psirt/FG-IR-26-141). Until patches are deployed, it is recommended to restrict access to the HTTP/HTTPS interface of FortiSandbox devices exclusively to trusted IP addresses and monitor network traffic for anomalous HTTP requests.

Who is affected

Fortinet FortiSandbox 5.0.0–5.0.5, FortiSandbox 4.4.0–4.4.8, FortiSandbox 4.2 (all versions), FortiSandbox Cloud 5.0.4–5.0.5, FortiSandbox PaaS 5.0.4–5.0.5

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Fortinet Fortisandbox

    APP
    Fortinet
    4.2.0 – 4.2.84.4.0 – 4.4.9 (bez)5.0.0 – 5.0.6 (bez)
  • Fortinet Fortisandbox Cloud

    APP
    Fortinet
    5.0.4 – 5.0.6 (bez)
  • Fortinet Fortisandbox Paas

    APP
    Fortinet
    5.0.4 – 5.0.6 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth BypassCommand Injection
CWE
References

Related vulnerabilities

CVE-2026-26083CRITICAL9.8PL ✓ten sam produkt

Brak autoryzacji w Fortinet FortiSandbox umożliwia zdalne wykonanie kodu

CVE-2026-39808CRITICAL9.8PL ✓ten sam produkt

Command Injection w Fortinet FortiSandbox umożliwiający RCE

CVE-2026-39813CRITICAL9.8ten sam produkt

A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 ...

CVE-2026-25836HIGH7.2ten sam produkt

An improper neutralization of special elements used in an os command ('os command injection') vulnerability in...

CVE-2025-52436HIGH8.8ten sam produkt

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79]...