WEB Fortinet FortiSandbox start_vnc Command Injection (CVE-2026-25089)

Rule ID

1238572

Severity

Critical

Description

A command injection vulnerability has been reported in Fortinet FortiSandbox. The vulnerability is due insufficient validation of start_vnc request parameters used in the admin web service.

Impact

Remote command execution

Recommendation

Update vendor's patch.

IPS Category

Web threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2026-25089

T1210

T0866

T1059

T0853

Keywords

N/A

Date Created

2026/06/23

Last Updated

2026/06/24