{"id":79523,"date":"2026-06-09T19:46:39","date_gmt":"2026-06-09T16:16:39","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2026-25089-fortinet-fortisandbox-os-command-injection\/"},"modified":"2026-06-09T19:46:39","modified_gmt":"2026-06-09T16:16:39","slug":"cve-2026-25089-fortinet-fortisandbox-os-command-injection","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2026-25089-fortinet-fortisandbox-os-command-injection\/","title":{"rendered":"CVE-2026-25089 – Fortinet FortiSandbox OS Command Injection"},"content":{"rendered":"

CVE ID :CVE-2026-25089<\/p>\n

Published : June 9, 2026, 4:16 p.m. | 19\u00a0minutes ago<\/p>\n

Description :A improper neutralization of special elements used in an os command (‘os command injection’) vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests<\/p>\n

Severity: 9.8 | CRITICAL<\/p>\n

Visit the link for more details, such as CVSS details, affected products, timeline, and more…\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"

CVE ID :CVE-2026-25089 Published : June 9, 2026, 4:16 p.m. | 19\u00a0minutes ago Description :A improper neutralization of special elements used in an os command (‘os command injection’) vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may allow …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-79523","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/79523","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=79523"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/79523\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=79523"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=79523"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=79523"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}