The vulnerability of the MTA email message checking module and the file checksum search module of the FortiSandbox threat detection and removal system allows a perpetrator to execute arbitrary SQL code.

The vulnerability of the MTA email message checking module and the file checksum search module of the FortiSandbox threat detection and removal system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute...

CVE-2020-29011

Instances of SQL Injection vulnerabilities in the checksum search and MTA-quarantine modules of FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated attacker to execute unauthorized code on the underlying SQL interpreter via specifically crafted HTTP requests...