
CVE-2026-25089

Fortinet FortiSandbox, FortiSandbox Cloud, FortiSandbox PaaS · CRITICAL · CVSS 9.8 · No exploitation reported

What is CVE-2026-25089?

An improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, and FortiSandbox PaaS 5.0.4 through 5.0.5 may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests.

CVSS: 9.8 · NVD 3.1
Severity: CRITICAL
Exploitation: No exploitation reported
EPSS: 2% · P84
Triage status: No Known Exploit
Action: Patch within 48 hours
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-78
NVD published: 2026-06-09
NVD last modified: 2026-06-09

Affected product

Fortinet FortiSandbox, FortiSandbox Cloud, FortiSandbox PaaS

Remediation Steps

  1. Apply the Fortinet security patch for the command injection vulnerability in the FortiSandbox web UI
  2. Review and restrict administrative access to FortiSandbox deployments
  3. Validate that command injection attempts are blocked or logged
  4. Monitor FortiSandbox logs for exploitation attempts

Coverage on defend.network

🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.
