CVE Catalog

CVE-2026-39813

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Very high risk
18.70%

97th percentile — higher than 97% of all known CVEs

Summary

A path traversal vulnerability in Fortinet FortiSandbox versions 5.0.0 through 5.0.5 and 4.4.0 through 4.4.8 may allow an attacker to escalate privileges via specially crafted HTTP requests.

Risk Assessment

This vulnerability could lead to privilege escalation, posing a risk of unauthorized access to the system and data.

Recommendation

It is recommended to update FortiSandbox to the latest version to mitigate this vulnerability.

Original NVD description (English source)

A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8 may allow attacker to escalation of privilege via specially crafted HTTP requests.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS