FortiSandbox OS Command Injection

HIGH (7.2)

Threat Intelligence

Low Risk
EPSS Score: 0.17% chance of exploitation (percentile: 38%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found

What is it?

Fortinet FortiSandbox is a security sandbox solution used to analyze and contain malicious files. An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability allows a remote privileged attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.

Am I affected?

You're affected if you use Fortinet FortiSandbox. Affected versions: 5.0.2, 5.0.0, 4.4.7. If you don't recognise this software, you're probably not affected.

How to fix

- Upgrade to FortiSandbox 5.0.3 or above from the official Fortinet website: https://www.fortinet.com/support/downloads
- For FortiSandbox 4.4, upgrade to 4.4.8 or above from the same website.
- For FortiSandbox 4.2 and below, migrate to a fixed release as soon as possible.

References