logo

FortiSandbox Vulnerabilities Expose Systems to Auth Bypass and Command Execution

ID: e694cb9a-3e46-5998-aaf4-77870b9ec09f

STIX ID: report--e694cb9a-3e46-5998-aaf4-77870b9ec09f

Feed Name: SOCRadar Blog

Threat Score
85/100

Date Published: 2026-06-17

Date Updated: 2026-06-17

Author: Ameer Owda

...
...

Fortinet FortiSandbox has three critical vulnerabilities (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089; CVSS 9.8) that allow authentication bypass and unauthenticated OS command execution via API, JRPC, and Web UI endpoints; affected 4.4 and 5.0 branches (and some cloud/PaaS variants) should be upgraded immediately. The advisory emphasizes high risk for internet-facing management interfaces, notes reported exploitation activity, and recommends patching to fixed versions, restricting access, reviewing HTTP logs for probing/exploitation patterns, and hunting for post-exploitation indicators.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.