Primary

Context

Fortinet FortiSandbox Cloud OS Command Injection Vulnerability

Vulnerability

Patched

A vulnerability allowing OS command injection has been identified in Fortinet FortiSandbox Cloud version 5.0.4. This issue arises from improper neutralization of special elements used in OS commands, potentially allowing a privileged attacker with a super-admin profile and CLI access to execute unauthorized code or commands. The vulnerability can be exploited through crafted HTTP requests.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of code or commands on the affected system.

Remediation

Fortinet has addressed this vulnerability in FortiSandbox Cloud version 5.0.5. Customers using version 5.0.4 should update to version 5.0.5.

Added: Mar 10, 2026, 7:19 PM

Updated: Mar 10, 2026, 7:19 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

4.4

remediation

7.7

relevance

3.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

4.4

remediation

7.7

relevance

3.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fortinet FortiSandbox Cloud OS Command Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Fortinet FortiSandbox Cloud

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating