Fortinet patched critical flaws in FortiSandbox and FortiAuthenticator that could let attackers remotely execute code on unpatched systems. Fortinet addressed two critical vulnerabilities affecting FortiSandbox and FortiAuthenticator. The flaws could allow attackers to execute arbitrary commands or code on unpatched systems. The first vulnerability, tracked as CVE-2026-44277, is an improper access control issue in FortiAuthenticator.…
Tag: FortiSandbox
Global Security News
Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
Fortinet has released security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to run commands or arbitrary code. […]
Global Security News, Risk Management
Fortinet fixes critical FortiSandbox vulnerabilities (CVE-2026-39813, CVE-2026-39808)
Two vulnerabilities (CVE-2026-39813, CVE-2026-39808) in FortiSandbox could be leveraged by unauthenticated attackers to bypass authentication and execute unauthorized code or commands on vulnerable systems. Both vulnerabilities can be triggered with a specially crafted HTTP request, putting unpatched FortiSandbox deployments at risk. About FortiSandbox FortiSandbox is Fortinet’s security solution for detecting and analyzing advanced threats. It…
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats
FortiSandbox XSS Vulnerability Allows Remote Command Execution
Fortinet has disclosed a vulnerability in its FortiSandbox platform that could allow unauthenticated attackers to execute arbitrary commands. The issue involves a cross-site scripting (XSS) flaw in the FortiSandbox web interface that may lead to elevated access if exploited. The vulnerability “… may allow an unauthenticated attacker to execute commands via crafted requests,” said Fortinet…