- Description
- An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests.
- Source
- psirt@fortinet.com
- NVD status
- Analyzed
- Products
- fortisandbox
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- psirt@fortinet.com
- CWE-78
- Hype score
- Not currently trending
An OS command injection vulnerability with the identifier CVE-2025-53949 has been published for Fortinet. This vulnerability relates to FortiSandbox. To secure it, apply the necessary update
@EthicalSafe
10 Dec 2025
CVE-2025-53949 An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0 thro… https://t.co/m571SuXPDp
@CVEnew
10 Dec 2025
Fortinet patches OS command injection in FortiSandbox (CVE-2025-53949) that enables code execution and system takeover. Admins should update appliances promptly. #Vulnerability https://t.co/SzIRX8fBGz
@threatcluster
10 Dec 2025
🔴 Fortinet FortiSandbox, #OS Command Injection, #CVE-2025-53949 (Critical) https://t.co/mGAkQUpxEp
@dailycve
10 Dec 2025
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "6AD9ECD5-FE5A-4772-A53A-04769828A110",
            "versionEndIncluding": "4.0.6",
            "versionStartIncluding": "4.0.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "814D77BE-F536-42DE-B068-F92B95D68248",
            "versionEndIncluding": "4.2.8",
            "versionStartIncluding": "4.2.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "08D2984D-3F90-42A6-9DC9-5E853E7B3188",
            "versionEndIncluding": "4.4.7",
            "versionStartIncluding": "4.4.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "C5335FAF-6569-44CE-8634-0991C738CCF9",
            "versionEndIncluding": "5.0.2",
            "versionStartIncluding": "5.0.0",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]