Ethical Hacking News
Fortinet patches a critical FortiSandbox flaw that could allow remote attackers to execute commands via crafted HTTP requests, emphasizing the importance of timely software updates in preventing cybersecurity breaches.
Fortinet has released critical security patches for FortiSandbox due to a high-severity vulnerability (CVE-2026-25089) with a score of 9.8. The vulnerability was discovered by Adham El Karn, who identified an improper neutralization of special elements in an OS command vulnerability [CWE-78]. Impacted products and versions include: FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.4 through 5.0.5, and FortiSandbox PaaS 5.0.4 through 5.0.5. Patched vulnerabilities also affect FortiOS, FortiProxy, and the FortiPortal API, including two medium-severity flaws allowing authenticated users to execute scripts or access sensitive information. Experts emphasize the need for proactive security measures, such as regular software updates and robust intrusion detection systems, to safeguard against evolving threats.
Fortinet, a leading cybersecurity firm, has released critical security patches for its FortiSandbox product line. The newly disclosed vulnerability, tracked as CVE-2026-25089, is rated with a high severity score of 9.8 and poses significant risks to organizations that use FortiSandbox to detect and prevent malware.
According to Pierluigi Paganini, a security researcher at Fortinet Product Security team, the vulnerability was discovered by Adham El Karn, who noted an improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiSandbox. This allowed unauthenticated attackers to execute unauthorized commands via specifically crafted HTTP requests.
The critical flaw impacts multiple products and versions, including:
* FortiSandbox 5.0.0 through 5.0.5 (Upgrade to 5.0.6 or above)
* FortiSandbox 4.4.0 through 4.4.8 (Upgrade to 4.4.9 or above)
* FortiSandbox Cloud 5.0.4 through 5.0.5 (Upgrade to 5.0.6 or above)
* FortiSandbox PaaS 5.0.4 through 5.0.5 (Upgrade to 5.0.6 or above)
In addition to the critical vulnerability, Fortinet also patched two medium-severity vulnerabilities affecting FortiOS, FortiProxy, and the FortiPortal API. These flaws could allow authenticated users to execute scripts or access sensitive network configuration information.
Experts emphasize that while the patched vulnerabilities address some of the recent issues, other cybersecurity threats persist in the increasing landscape of malicious software attacks. Organizations must prioritize proactive security measures to safeguard their networks against evolving threats, such as implementing regular software updates and utilizing robust intrusion detection systems.
Related Information:
https://www.ethicalhackingnews.com/articles/Fortinet-Patches-Critical-FortiSandbox-Flaw-Experts-Warn-of-Increased-Vulnerability-to-Remote-Execution-ehn.shtml
https://securityaffairs.com/193509/security/fortinet-patched-a-new-critical-fortisandbox-flaw.html
https://nvd.nist.gov/vuln/detail/CVE-2026-25089
https://www.cvedetails.com/cve/CVE-2026-25089/
Published: Thu Jun 11 06:08:03 2026 by llama3.2 3B Q4_K_M
