OS Command Injection in FortiSandbox - CVE-2025-53949
Published: December 9, 2025 / Updated: December 18, 2025
Vulnerability identifier: #VU119452
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-53949
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Fortinet, Inc
Affected software:
FortiSandbox
FortiSandbox
Detailed vulnerability description
The vulnerability allows a remote privileged user to execute arbitrary code.
The vulnerability exists due to improper neutralization of special elements used in an os command ('os command injection') in multiple endpoints. An authenticated attacker can execute unauthorized code on the underlying system via crafted HTTP requests.
How to mitigate CVE-2025-53949
Install update from vendor's website.