Fortinet disclosed a Server-Side Request Forgery (SSRF) vulnerability in its FortiSandbox appliance on January 13, 2026, urging customers to update because the flaw lets the appliance be used to proxy requests into the internal network.
Tracked as CVE-2025-67685 (FG-IR-25-783), the flaw resides in the GUI component and is classified as CWE-918. It allows an authenticated attacker to craft HTTP requests that the appliance forwards on their behalf, but only to internal endpoints that speak plaintext (non-TLS) HTTP.
With a CVSSv3 score of 3.4 (AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N), Fortinet rates the issue as low severity and ties it to improper access control. The vector reflects network reachability with low attack complexity, but high privileges are required, the impact on confidentiality and integrity is limited, and availability is unaffected.
Because high-privilege access is needed, exploitation is limited to insiders or attackers who have already compromised an administrator account. No evidence of active exploitation exists as of publication, but the vulnerability could expose sensitive internal services in segmented or otherwise isolated environments, since the appliance itself has a foothold on those networks.
FortiSandbox SSRF Vulnerability
The SSRF arises from inadequate validation of a user-controlled URL in the GUI console, allowing an administrator to forge requests to localhost or internal IP addresses over plaintext HTTP.
Fortinet emphasizes that the restriction to non-TLS endpoints reduces the blast radius, but the proxied requests can still leak metadata or enable further pivots in misconfigured setups. The bug was discovered by Jason McFadyen of Trend Micro's Zero Day Initiative and reported under responsible disclosure; it affects older versions of FortiSandbox.
No indicators of compromise (IOCs) were provided, but administrators should audit GUI logs from January 2026 onward for anomalous fetches of internal addresses, particularly loopback, link-local and RFC 1918 targets requested over plaintext HTTP.
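The advisory gives no IOCs, so the practical audit step is to look for GUI-initiated fetches whose destination is an internal plaintext endpoint. The following is an added example, not code from Fortinet or from the original article: it scans constructed log lines (the key=value layout is an assumption and is not FortiSandbox's real log format) and flags plaintext HTTP requests aimed at loopback, link-local or private addresses, which is the only class of target the advisory says the flaw can reach. The same classifier is what a proxying feature should run as a deny check before issuing a request, so the example covers both the detection and the hardening side of the issue described above. It classifies only literal IPs and the name localhost; DNS names that resolve to internal addresses would need resolution, which an offline log review cannot do.

```python
import ipaddress
import re
from urllib.parse import urlparse

# Constructed sample log lines for this example. The field layout
# (key=value pairs after a timestamp) is an assumption and is NOT
# FortiSandbox's real log format.
SAMPLE_LOG = """\
2026-01-14T09:12:03Z user=admin action=gui_fetch url=https://update.example.com/feed.xml status=200
2026-01-14T09:13:41Z user=admin action=gui_fetch url=http://127.0.0.1:8080/admin/config status=200
2026-01-14T09:14:02Z user=admin action=gui_fetch url=http://[::1]/metrics status=200
2026-01-14T09:15:55Z user=admin action=gui_fetch url=http://169.254.169.254/latest/meta-data/ status=200
2026-01-14T09:16:10Z user=readonly action=login status=200
2026-01-14T09:17:30Z user=admin action=gui_fetch url=http://10.20.30.40/internal/api status=401
2026-01-14T09:18:00Z user=admin action=gui_fetch url=https://10.20.30.41/ status=200
2026-01-14T09:19:00Z user=admin action=gui_fetch url=http://localhost/ status=200
"""

# Matches the assumed line layout; the url= field is optional because
# not every action (e.g. login) carries a URL.
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+user=(?P<user>\S+)\s+action=(?P<action>\S+)"
    r"(?:\s+url=(?P<url>\S+))?"
)


def internal_host_reason(host):
    """Return why ``host`` is an internal target, or None if it is not.

    Only literal IP addresses and the name ``localhost`` are classified.
    Other DNS names are left alone: deciding whether they point inside
    the network requires resolution, which this offline check does not do.
    """
    if host is None:
        return None
    if host == "localhost" or host.endswith(".localhost"):
        return "loopback"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return None  # not a literal IP (e.g. a hostname)
    # Order matters: is_private is also True for loopback and link-local,
    # so test the more specific properties first.
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    if ip.is_private:
        return "private"
    return None


def classify_url(url):
    """Return a reason string if ``url`` is a plaintext HTTP request to an
    internal endpoint (the only case the advisory says the flaw reaches),
    otherwise None. HTTPS targets are deliberately not flagged here."""
    parsed = urlparse(url)
    if parsed.scheme.lower() != "http":
        return None
    # urlparse().hostname strips brackets from IPv6 literals and lowercases.
    return internal_host_reason(parsed.hostname)


def find_internal_fetches(log_text):
    """Scan log lines and return (timestamp, user, url, reason) for every
    GUI-initiated plaintext fetch aimed at an internal address."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m.group("action") != "gui_fetch" or not m.group("url"):
            continue
        reason = classify_url(m.group("url"))
        if reason:
            hits.append((m.group("ts"), m.group("user"), m.group("url"), reason))
    return hits


if __name__ == "__main__":
    for ts, user, url, reason in find_internal_fetches(SAMPLE_LOG):
        print(f"{ts} {user} {reason:<10} {url}")
```

Run against the constructed sample, the scan reports five hits (two loopback IPs, the link-local metadata address, one RFC 1918 host and the literal name localhost) and ignores the two HTTPS fetches and the login event. When adapting this to real appliance logs, replace LINE_RE with the actual field layout and keep the classifier; if the environment uses internal DNS names, resolve them out of band and compare the answers with the same address tests.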
Affected Variations and Remediation
Version Branch | Affected Releases | Solution
5.0 | 5.0.0 through 5.0.4 | Upgrade to 5.0.5 or above
4.4 | All versions | Migrate to a fixed release
4.2 | All versions | Migrate to a fixed release
4.0 | All versions | Migrate to a fixed release
Fortinet recommends immediate upgrades via the FortiGuard portal. Organizations running legacy FortiSandbox releases should prioritize migration to the 5.0 branch, since there is no fixed build in the 4.x branches and end-of-support for FortiSandbox 4.x is approaching.
