Fortinet ≫ Fortisandbox

23 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

9.8

CVE-2026-26083

Medienbericht

EPSS 0.05%
Veröffentlicht 12.05.2026 16:54:04
Zuletzt bearbeitet 15.05.2026 13:42:07

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS ...

9.8

CVE-2026-39813

Medienbericht

EPSS 0.12%
Veröffentlicht 14.04.2026 15:38:30
Zuletzt bearbeitet 20.04.2026 19:11:30

A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8 may allow attacker to escalation of privilege via <insert attack vector here>

5.4

CVE-2025-61886

EPSS 0.03%
Veröffentlicht 14.04.2026 15:38:21
Zuletzt bearbeitet 22.04.2026 19:09:04

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox PaaS 5.0.0 through 5.0.4 may allow an attacker to perform an XSS a...

4.8

CVE-2026-39812

EPSS 0.04%
Veröffentlicht 14.04.2026 15:38:18
Zuletzt bearbeitet 21.04.2026 17:12:33

A improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox PaaS 5.0.0 through 5.0.5,...

6.7

CVE-2026-25691

EPSS 0.06%
Veröffentlicht 14.04.2026 15:38:16
Zuletzt bearbeitet 22.04.2026 18:55:51

A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4, FortiSandbox PaaS ...

9.8

CVE-2026-39808

Medienbericht

EPSS 23.9%
Veröffentlicht 14.04.2026 15:38:02
Zuletzt bearbeitet 22.04.2026 14:17:00

A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.8 may allow attacker to execute unauthorized code or commands via <insert attack vector here>

2.7

CVE-2026-27316

EPSS 0.04%
Veröffentlicht 14.04.2026 15:38:02
Zuletzt bearbeitet 22.04.2026 18:54:01

A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via clie...

4.8

CVE-2025-53608

Medienbericht

EPSS 0.04%
Veröffentlicht 10.03.2026 16:44:14
Zuletzt bearbeitet 12.03.2026 21:18:33

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4...

9.6

CVE-2025-52436

Medienbericht

EPSS 0.31%
Veröffentlicht 10.02.2026 15:39:11
Zuletzt bearbeitet 18.02.2026 17:50:21

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4...

3.8

CVE-2025-67685

Medienbericht

EPSS 0.04%
Veröffentlicht 13.01.2026 16:32:29
Zuletzt bearbeitet 14.01.2026 21:38:01

A Server-Side Request Forgery (SSRF) vulnerability [CWE-918] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox 4.4 all versions, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated attacker t...

123>

Team-orientierte Vulnerability Management Plattform

Features der Plattform

Fortinet ≫ Fortisandbox

CVE-2026-26083

CVE-2026-39813

CVE-2025-61886

CVE-2026-39812

CVE-2026-25691

CVE-2026-39808

CVE-2026-27316

CVE-2025-53608

CVE-2025-52436

CVE-2025-67685