Categories: Cyber Security News

FortiSandbox XSS Vulnerability Let Attackers Run Arbitrary Commands

Fortinet has disclosed a high-severity cross-site scripting (XSS) vulnerability in its FortiSandbox platform, tracked as CVE-2025-52436 (FG-IR-25-093), that enables unauthenticated attackers to execute arbitrary commands on affected systems.

Dubbed an “Improper Neutralization of Input During Web Page Generation” issue (CWE-79), the flaw resides in the graphical user interface (GUI) component and scores a 7.9.

At its core, this reflected XSS vulnerability arises from inadequate input sanitization in web page generation. An attacker crafts malicious requests, typically via the browser’s back button or manipulated parameters, that inject executable JavaScript into the GUI.

Once a victim (like an admin) interacts with the tainted page, the script triggers, escalating to remote code execution (RCE). This grants full command-line access, potentially leading to data exfiltration, lateral movement, or sandbox evasion in malware analysis environments.
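The root cause the advisory names, CWE-79, is untrusted request data written into a generated page without encoding for the HTML context it lands in. The following is an added illustration, not FortiSandbox code or anything from Fortinet's advisory: a constructed search-results template rendered the vulnerable way and the hardened way, with a small checker that flags any element tag in the output that the template itself did not produce. The function names, template and sample input are all assumptions made for this example.

```javascript
// Added example: reflected XSS in server-side page generation (CWE-79),
// the vulnerable pattern beside the hardened one. Not FortiSandbox code;
// the template, parameter and function names are constructed here.

// Minimal HTML entity encoder for text placed inside an element body or a
// double-quoted attribute value. Other contexts (JavaScript strings, URLs,
// CSS) need their own encoders; one escaper does not fit every sink.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable: the request parameter is concatenated straight into the
// response, so markup supplied by the client becomes part of the page.
function renderSearchVulnerable(query) {
  return `<html><body><p>Results for: ${query}</p></body></html>`;
}

// Hardened: every untrusted value is entity-encoded for the HTML context
// it is emitted into, so the browser renders it as text, not markup.
function renderSearchHardened(query) {
  return `<html><body><p>Results for: ${escapeHtml(query)}</p></body></html>`;
}

// Review-time check: does the rendered page contain any element tag that
// the template did not produce? A crude but useful regression test for a
// reflected-output sink.
function containsInjectedMarkup(page, templateTags) {
  const tags = (page.match(/<\/?[a-z][a-z0-9]*/gi) || []).map((t) => t.toLowerCase());
  return tags.some((t) => !templateTags.includes(t));
}

// The only tags the constructed template is allowed to emit.
const TEMPLATE_TAGS = ['<html', '<body', '<p', '</p', '</body', '</html'];

// Constructed sample input imitating a hostile query-string value.
const SAMPLE_INPUT = '<script>alert(1)</script>';

// Renders the sample input both ways and reports whether foreign markup
// survived into the page.
function demo() {
  const vulnerable = renderSearchVulnerable(SAMPLE_INPUT);
  const hardened = renderSearchHardened(SAMPLE_INPUT);
  return {
    vulnerableInjected: containsInjectedMarkup(vulnerable, TEMPLATE_TAGS),
    hardenedInjected: containsInjectedMarkup(hardened, TEMPLATE_TAGS),
    hardened,
  };
}

console.log(demo());
```

The `containsInjectedMarkup` check is the kind of assertion worth keeping in a GUI's test suite for every handler that reflects a request parameter: it fails on the vulnerable renderer and passes on the hardened one. Output encoding is the fix; a restrictive Content-Security-Policy on the management interface is defence in depth, not a substitute for it.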

Affected Versions and Patches

FortiSandbox PaaS deployments bear the brunt:

| Version Series | Affected Builds | Recommended Action |
|---|---|---|
| 5.0 | 5.0.0 to 5.0.1 | Upgrade to 5.0.2+ |
| 4.4 | 4.4.0 to 4.4.7 | Upgrade to 4.4.8+ |
| 4.2 | All versions | Migrate to fixed release |
| 4.0 | All versions | Migrate to fixed release |

Patches landed in PaaS versions 4.4.8 and 5.0.5. Fortinet urges immediate upgrades, emphasizing exposure mitigation via network segmentation and GUI access restrictions until patched.

Credit goes to Jaguar Perlas of Fortinet’s Burnaby Infosec team for internal discovery. This incident underscores persistent XSS risks in enterprise tools, even sandboxes meant to isolate threats.

Organizations scanning malware or handling sensitive intel should prioritize patching; unpatched systems invite command-and-control pivots. Fortinet reports no known exploitation, but the unauthenticated vector demands vigilance.


The post FortiSandbox XSS Vulnerability Let Attackers Run Arbitrary Commands appeared first on Cyber Security News.
