📦 FortiSandbox

by Fortinet

⚠️ Known Vulnerabilities

CVE-2025-53679

HIGH CVSS 7.2 Dec 9, 2025

This OS command injection vulnerability in Fortinet FortiSandbox allows remote privileged attackers to execute arbitrary commands via crafted HTTP/HTTPS requests. Affected systems include FortiSandbox...

CVE-2025-53949

HIGH CVSS 7.2 Dec 9, 2025

This OS command injection vulnerability in Fortinet FortiSandbox allows authenticated attackers to execute arbitrary commands on the underlying system via crafted HTTP requests. Affected users include...

CVE-2024-54027

HIGH CVSS 8.2 Mar 17, 2025

This vulnerability allows a privileged attacker with super-admin profile and CLI access to read sensitive data via hard-coded cryptographic keys in FortiSandbox. It affects multiple versions of FortiS...

CVE-2024-54018

HIGH CVSS 7.2 Mar 11, 2025

This vulnerability allows privileged attackers to execute arbitrary operating system commands on FortiSandbox appliances through crafted requests. It affects FortiSandbox versions before 4.4.5 and req...

CVE-2024-52961

HIGH CVSS 8.8 Mar 11, 2025

This CVE describes an OS command injection vulnerability in Fortinet FortiSandbox that allows authenticated users with read-only permissions to execute arbitrary commands via crafted requests. Attacke...

CVE-2024-45328

HIGH CVSS 7.8 Mar 11, 2025

This vulnerability allows low-privileged administrators in FortiSandbox to execute elevated CLI commands through the GUI console menu due to incorrect authorization checks. It affects FortiSandbox ver...

CVE-2024-27781

HIGH CVSS 7.1 Feb 11, 2025

This is a cross-site scripting (XSS) vulnerability in Fortinet FortiSandbox that allows authenticated attackers to inject malicious scripts into web pages. When exploited, it enables execution of unau...

CVE-2024-27778

HIGH CVSS 8.8 Jan 14, 2025

CVE-2024-27778 is an OS command injection vulnerability in Fortinet FortiSandbox that allows authenticated attackers with read-only permissions to execute arbitrary commands via crafted requests....

CVE-2024-31491

HIGH CVSS 8.8 May 14, 2024

This vulnerability allows attackers to bypass server-side security controls in Fortinet FortiSandbox by manipulating client-side HTTP requests, enabling unauthorized code or command execution. It affe...

CVE-2024-21756

HIGH CVSS 8.8 Apr 9, 2024

This CVE describes an OS command injection vulnerability in Fortinet FortiSandbox that allows attackers to execute arbitrary commands on affected systems. Attackers can exploit this by sending special...

CVE-2024-23671

HIGH CVSS 8.1 Apr 9, 2024

This path traversal vulnerability in Fortinet FortiSandbox allows attackers to execute arbitrary code or commands via specially crafted HTTP requests. It affects FortiSandbox versions 4.4.0-4.4.3, 4.2...

CVE-2023-41843

HIGH CVSS 7.5 Oct 13, 2023

This cross-site scripting (XSS) vulnerability in Fortinet FortiSandbox allows attackers to inject malicious scripts via crafted HTTP requests, which could lead to unauthorized code execution. Affected...

CVE-2023-41681

HIGH CVSS 7.5 Oct 13, 2023

This is a cross-site scripting (XSS) vulnerability in Fortinet FortiSandbox that allows attackers to inject malicious scripts via crafted HTTP requests. When exploited, it enables execution of unautho...

CVE-2022-27487

HIGH CVSS 8.8 Apr 11, 2023

This vulnerability allows authenticated remote attackers to make unauthorized API calls on Fortinet FortiSandbox and FortiDeceptor systems. Attackers can bypass intended privilege controls via crafted...

CVE-2020-29011

HIGH CVSS 8.8 Aug 4, 2021

This SQL injection vulnerability in FortiSandbox allows authenticated attackers to execute arbitrary SQL commands via crafted HTTP requests to the checksum search and MTA-quarantine modules. Successfu...

CVE-2021-24010

HIGH CVSS 8.1 Aug 4, 2021

This CVE describes a path traversal vulnerability in FortiSandbox that allows authenticated users to access restricted files and directories via specially crafted web requests. The vulnerability affec...

CVE-2025-54353

MEDIUM CVSS 5.4 Dec 9, 2025

This CVE describes a cross-site scripting (XSS) vulnerability in Fortinet FortiSandbox that allows attackers to inject malicious scripts via crafted HTTP requests. The vulnerability affects multiple v...

CVE-2025-46215

MEDIUM CVSS 5.3 Nov 18, 2025

An improper isolation vulnerability in Fortinet FortiSandbox allows unauthenticated attackers to bypass sandbox scanning by submitting specially crafted files. This affects FortiSandbox versions 4.0, ...

CVE-2021-26105

MEDIUM CVSS 6.8 Mar 24, 2025

This CVE describes a stack-based buffer overflow vulnerability in FortiSandbox's profile parser that allows authenticated attackers to execute arbitrary code via crafted HTTP requests. Affected system...

CVE-2024-54026

MEDIUM CVSS 4.3 Mar 11, 2025

This SQL injection vulnerability in Fortinet FortiSandbox allows attackers to execute unauthorized SQL commands via crafted HTTP requests. It affects multiple FortiSandbox versions including 4.4.0-4.4...

CVE-2025-67685

LOW CVSS 3.8 Jan 13, 2026

This SSRF vulnerability in Fortinet FortiSandbox allows authenticated attackers to proxy internal requests to plaintext endpoints via crafted HTTP requests. It affects FortiSandbox versions 4.0, 4.2, ...