OS Command Injection Vulnerability in Fortinet FortiSandbox
CVE-2026-25089
Key Information:
- Vendor: Fortinet
- CVE Published: 9 June 2026
What is CVE-2026-25089?
A vulnerability in Fortinet FortiSandbox could allow an unauthenticated attacker to execute unauthorized commands on affected systems. Attackers may exploit this flaw by sending specially crafted HTTP requests, which can lead to unauthorized command execution and full system compromise. Devices running FortiSandbox versions 4.2 through 5.0.5 are at risk, so applying the vendor's security measures should be treated as an immediate priority.
Affected Version(s)
FortiSandbox 5.0.0 through 5.0.5
FortiSandbox 4.4.0 through 4.4.8
FortiSandbox 4.2.1 through 4.2.8
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
News Articles
Three critical Fortinet sandbox bugs splattered by unknown attackers
All have patches, so make sure you upgrade to a fixed version
2 weeks ago
Attackers are exploiting FortiSandbox vulnerabilities - Help Net Security
Attackers have been spotted exploiting three vulnerabilities (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089) in FortiSandbox.
2 weeks ago
EPSS Score
23% chance of being exploited in the next 30 days.
Timeline
- Used in Ransomware
- First article discovered by BleepingComputer
- Public PoC available
- Exploit known to exist
- Vulnerability published
- Vulnerability Reserved