2 matches found
EUVD-2025-202268
An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiSandbox version 5.0.0 through 5.0.2 and before 4.4.7 GUI allows a remote privileged attacker to execute unauthorized code or commands via crafted HTTP or HTTPS request...
The vulnerability of the GUI component of the FortiSandbox threat detection and mitigation system allows a perpetrator to execute arbitrary commands.
The vulnerability of the GUI component of the FortiSandbox threat detection and mitigation system exists because measures to neutralize its special elements have not been taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...