FortiSandbox SSRF Vulnerability Allow Attacker to proxy Internal Traffic via Crafted HTTP Requests

FortiSandbox SSRF Vulnerability Allow Attacker to proxy Internal Traffic via Crafted HTTP Requests

Posted on By CWS

Fortinet disclosed a Server-Facet Request Forgery (SSRF) vulnerability in its FortiSandbox equipment on January 13, 2026, urging customers to replace amid dangers of inner community proxied requests.

Tracked as CVE-2025-67685 (FG-IR-25-783), the flaw resides within the GUI part and stems from CWE-918, enabling authenticated attackers to craft HTTP requests that proxy site visitors to inner plaintext endpoints solely.

With a CVSSv3 rating of three.4 (AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N), Fortinet charges the difficulty as low severity, tied to improper entry management.

Attackers want high-privilege entry, limiting exploitation to insiders or compromised admin accounts. No proof of energetic exploits exists as of publication, however the vulnerability might expose delicate inner companies in air-gapped or segmented environments.

FortiSandbox SSRF Vulnerability

The SSRF arises from insufficient enter validation within the GUI console, permitting request forging to localhost or inner IPs over HTTP/HTTPS plaintext.

Fortinet emphasizes that limiting to non-TLS endpoints reduces the blast radius, however proxying can leak metadata or allow additional pivots in misconfigured setups. Found by Jason McFadyen of Development Micro’s Zero Day Initiative beneath accountable disclosure, the bug impacts older variations of FortiSandbox.

No indicators of compromise (IOCs) had been offered, however admins ought to audit GUI logs for anomalous inner fetches since January 2026.

Affected Variations and Remediation

Model BranchAffected ReleasesSolution5.05.0.0 by way of 5.0.4Upgrade to five.0.5 or above4.4All versionsMigrate to fastened release4.2All versionsMigrate to fastened release4.0All versionsMigrate to fastened launch

Fortinet recommends instant upgrades through the FortiGuard portal. Organizations working legacy FortiSandbox ought to prioritize migration, as end-of-support for FortiSandbox 4.x approaches.

Comply with us on Google Information, LinkedIn, and X for day by day cybersecurity updates. Contact us to function your tales.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

Google Reports 90 Zero-Day Exploits in 2025 Google Reports 90 Zero-Day Exploits in 2025 Cyber Security News
Ransomware Hits 65% of Financial Firms in 2024 Ransomware Hits 65% of Financial Firms in 2024 Cyber Security News
Scattered LAPSUS$ Hunters Announce Salesforce Breach List On New Onion Site Scattered LAPSUS$ Hunters Announce Salesforce Breach List On New Onion Site Cyber Security News
Microsoft Patch for Old Flaw Reveals New Kernel Address Leak Vulnerability in Windows 11/Server 2022 24H2 Microsoft Patch for Old Flaw Reveals New Kernel Address Leak Vulnerability in Windows 11/Server 2022 24H2 Cyber Security News
Sophisticated DevilsTongue Windows Spyware Tracking Users Globally Sophisticated DevilsTongue Windows Spyware Tracking Users Globally Cyber Security News
FancyBear Security Breach Uncovers NATO Espionage Efforts FancyBear Security Breach Uncovers NATO Espionage Efforts Cyber Security News