CRITICALCVE-2026-39808Published Modified CNA fortinet
CVE-2026-39808: A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4
A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.8 may allow attacker to execute unauthorized code or commands via <insert attack vector here>
Metrics
- CVSS v3.1
- 9.1
- Severity
- CRITICAL
- Fixed in
- —
- Affected Products
- 2
Affected packages
- Fortinet / FortiSandbox≤ 4.4.8
- Fortinet / FortiSandbox PaaS23.4.4374 · 23.4.4350 · 23.3.4329 · 23.1.4245 · 22.2.4151 · 22.2.4134
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C