Fortinet

Fortisandbox

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2025-53608

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 10.03.2026 16:44:14
  • Zuletzt bearbeitet 12.03.2026 21:18:33

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4...

9.6

CVE-2025-52436

Medienbericht
  • EPSS 0.27%
  • Veröffentlicht 10.02.2026 15:39:11
  • Zuletzt bearbeitet 18.02.2026 17:50:21

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4...

3.8

CVE-2025-67685

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 13.01.2026 16:32:29
  • Zuletzt bearbeitet 14.01.2026 21:38:01

A Server-Side Request Forgery (SSRF) vulnerability [CWE-918] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox 4.4 all versions, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated attacker t...

7.2

CVE-2025-53679

  • EPSS 0.27%
  • Veröffentlicht 09.12.2025 17:19:51
  • Zuletzt bearbeitet 05.02.2026 16:58:45

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSan...

6.1

CVE-2025-54353

  • EPSS 0.09%
  • Veröffentlicht 09.12.2025 17:19:49
  • Zuletzt bearbeitet 09.12.2025 20:10:23

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4...

8.8

CVE-2025-53949

  • EPSS 0.14%
  • Veröffentlicht 09.12.2025 17:19:24
  • Zuletzt bearbeitet 09.12.2025 20:12:27

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSan...

5.3

CVE-2025-46215

  • EPSS 0.12%
  • Veröffentlicht 18.11.2025 17:01:21
  • Zuletzt bearbeitet 20.11.2025 14:38:52

An Improper Isolation or Compartmentalization vulnerability [CWE-653] in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an unauthenticated attacker t...

6.7

CVE-2024-27779

  • EPSS 0.12%
  • Veröffentlicht 18.07.2025 07:58:23
  • Zuletzt bearbeitet 22.07.2025 17:07:27

An insufficient session expiration vulnerability [CWE-613] in FortiSandbox FortiSandbox version 4.4.4 and below, version 4.2.6 and below, 4.0 all versions, 3.2 all versions and FortiIsolator version 2.4 and below, 2.3 all versions, 2.2 all versions, ...

8.8

CVE-2021-26105

  • EPSS 0.2%
  • Veröffentlicht 24.03.2025 15:27:56
  • Zuletzt bearbeitet 24.07.2025 19:18:02

A stack-based buffer overflow vulnerability (CWE-121) in the profile parser of FortiSandbox version 3.2.2 and below, version 3.1.4 and below may allow an authenticated attacker to potentially execute unauthorized code or commands via specifically cra...

4.4

CVE-2024-54027

  • EPSS 0.03%
  • Veröffentlicht 17.03.2025 13:05:31
  • Zuletzt bearbeitet 24.07.2025 20:17:55

A Use of Hard-coded Cryptographic Key vulnerability [CWE-321] in FortiSandbox version 4.4.6 and below, version 4.2.7 and below, version 4.0.5 and below, version 3.2.4 and below, version 3.1.5 and below, version 3.0.7 to 3.0.5 may allow a privileged a...