Path Traversal Vulnerability in Fortinet FortiSandbox Products
CVE-2026-39813

9.1CRITICAL

Key Information:

Vendor

Fortinet
Status
Fortisandbox
Fortisandbox Cloud
Vendor
CVE Published:
14 April 2026

Badges

đź“° News Worthy

What is CVE-2026-39813?

A path traversal vulnerability exists in Fortinet's FortiSandbox, affecting versions 5.0.0 through 5.0.5 and 4.4.0 through 4.4.8. This vulnerability may enable attackers to exploit the system by manipulating file directories, potentially leading to privilege escalation. Proper input validation is crucial to mitigating this risk and ensuring secure operation of affected products.

Affected Version(s)

FortiSandbox 5.0.0 <= 5.0.5

FortiSandbox 4.4.0 <= 4.4.8

FortiSandbox Cloud 24.1

News Articles

favicon imagePlato Data Intelligence

Week In Review: Acrobat Reader Flaw Exploited, Claude Mythos Offensive Capabilities And Limits - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

favicon imageHelp Net Security

Week in review: Acrobat Reader flaw exploited, Claude Mythos offensive capabilities and limits - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Bringing governance and visibility to machine and AI

References

https://fortiguard.fortinet.com/psirt/FG-IR-26-112

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • đź“°

    First article discovered by Plato Data Intelligence

  • Vulnerability published

  • Vulnerability Reserved

.