Fortinet FortiSandbox
cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*
- 5.0.4
A path traversal vulnerability has been identified in Fortinet FortiSandbox versions 5.0.0 through 5.0.5, 4.4.0 through 4.4.8, and all versions of FortiSandbox 4.2. Additionally, FortiSandbox Cloud 5.0.4 and FortiSandbox PaaS 5.0.4 are affected. This vulnerability allows a privileged attacker with a super-admin profile and CLI access to delete arbitrary directories by sending crafted HTTP requests.
Exploitation of this vulnerability could lead to unauthorized deletion of directories, potentially causing data loss or disruption of service.
Users of Fortinet FortiSandbox 5.0.0 through 5.0.5 should upgrade to 5.0.6 or above. Users of Fortinet FortiSandbox 4.4.0 through 4.4.8 should upgrade to 4.4.9 or above. Fortinet FortiSandbox 4.2 users should migrate to a fixed release. For Fortinet FortiSandbox Cloud 5.0.4, no action is needed as the issue has been remediated in 5.0.5. Fortinet FortiSandbox PaaS 5.0.4 users should upgrade to 5.0.5 or above.