CVE-2026-25691

Summary

A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to delete an arbitrary directory via HTTP crafted requests.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiSandbox PaaS5.0.4affected
FortinetFortiSandbox Cloud5.0.4affected
FortinetFortiSandbox5.0.0 <= 5.0.5affected
FortinetFortiSandbox4.4.0 <= 4.4.8affected
FortinetFortiSandbox4.2.1 <= 4.2.8affected

Weaknesses

  • CWE-22: Execute unauthorized code or commands

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References