CVE-2026-39813

Summary

A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8 may allow attacker to escalation of privilege via specially crafted HTTP requests.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiSandbox5.0.0 <= 5.0.5affected
FortinetFortiSandbox4.4.0 <= 4.4.8affected
FortinetFortiSandbox Cloud24.1affected
FortinetFortiSandbox Cloud23.4affected
FortinetFortiSandbox Cloud5.0.4 <= 5.0.5affected

Weaknesses

  • CWE-24: Escalation of privilege

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References