Fortinet patched a critical FortiSandbox vulnerability that could let unauthenticated attackers remotely execute commands via crafted HTTP requests. Fortinet released security updates to address several vulnerabilities affecting FortiSandbox, FortiOS, FortiProxy, and FortiPortal. The most severe issue, tracked as CVE-2026-25089 (CVSS score of 9.8), is an OS command injection flaw in FortiSandbox products. The vulnerability could […]
First seen on securityaffairs.com
Jump to article: securityaffairs.com/193509/security/fortinet-patched-a-new-critical-fortisandbox-flaw.html
