CVE-2026-25836

Name of the Vulnerable Software and Affected Versions Fortinet FortiSandbox Cloud version 5.0.4

Description The system contains a flaw due to improper neutralization of special elements used in an operating system command, specifically an 'os command injection' issue. Successful exploitation may allow a remote attacker with super-admin privileges and CLI access to execute unauthorized code or commands through specially crafted HTTP requests. The vulnerability is triggered by crafted HTTP requests sent to the system. The vulnerable component involves the handling of special elements within operating system commands.

Recommendations Fortinet FortiSandbox Cloud version 5.0.4: At the moment, there is no information about a newer version that contains a fix for this vulnerability.