FortiSandbox – Arbitrary file write on CLI leading to arbitrary code execution

Fortiguard Security Advisory

An improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability [CWE-22] in FortiSandbox may allow a privileged attacker with super-admin profile and CLI access to execute arbitrary code via CLI.

READ MORE