CVE 9.1 CRITICAL

CVE-2026-39813_CVE-2026-39813

April 14, 2026 invoker category_cve

9.1 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

Description

A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8 may allow attacker to escalation of privilege via <insert attack vector here>

AI Analysis

Path traversal vulnerability allowing escalation of privilege

Basic Information

ID CVE-2026-39813

Source fortinet

Published Apr 14, 2026 at 15:38

Affected Product

Vendor Fortinet

Product FortiSandbox

Version 5.0.0

Affected Versions Fortinet FortiSandbox 5.0.0
Fortinet FortiSandbox 4.4.0
Fortinet FortiSandbox Cloud 24.1
Fortinet FortiSandbox Cloud 23.4
Fortinet FortiSandbox Cloud 5.0.4

CWE Classification

CWE-24

AI Assessment

AI Score 9.1 / 10

AI Severity Critical

Vendor Fortinet

Product FortiSandbox

Version 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.4.4, 4.4.5, 4.4.6, 4.4.7, 4.4.8

References

fortiguard.fortinet.com /psirt/FG-IR-26-112

{
    "lastseen": "",
    "description": "A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8 may allow attacker to escalation of privilege via <insert attack vector here>",
    "published": "2026-04-14T15:38:30.311Z",
    "modified": "2026-04-14T15:38:30.311Z",
    "type": "cve",
    "title": "CVE-2026-39813",
    "source": "fortinet",
    "references": "https://fortiguard.fortinet.com/psirt/FG-IR-26-112",
    "id": "CVE-2026-39813",
    "bulletinFamily": "",
    "cwe": [
        "CWE-24"
    ],
    "cvelist": null,
    "sourceData": "Fortinet FortiSandbox 5.0.0\nFortinet FortiSandbox 4.4.0\nFortinet FortiSandbox Cloud 24.1\nFortinet FortiSandbox Cloud 23.4\nFortinet FortiSandbox Cloud 5.0.4",
    "sourceHref": "",
    "cvss": {
        "score": 9.1,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FortiSandbox",
    "version": "5.0.0",
    "vendor": "Fortinet",
    "ai_description": "Path traversal vulnerability allowing escalation of privilege",
    "ai_severity": "Critical",
    "ai_vendor": "Fortinet",
    "ai_product": "FortiSandbox",
    "ai_version": "5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.4.4, 4.4.5, 4.4.6, 4.4.7, 4.4.8",
    "ai_score": 9.1
}

💭 Join the Security Discussion ❌ Cancel Reply