Patch these critical Fortinet sandbox bugs that let attackers bypass login, run commands over HTTP

Fortinet's sandbox product contains two critical vulnerabilities that can be exploited by unauthenticated attackers to bypass login credentials or execute arbitrary code on vulnerable systems. These bugs pose a significant threat to system security, as they can be leveraged over HTTP without requiring any authentication. Although there are currently no reported instances of active exploitation, the presence of these vulnerabilities underscores the need for prompt patching to prevent potential attacks. The vulnerabilities in question are particularly concerning due to their potential for unauthorized access and code execution, which could lead to significant system compromise. As a result, administrators should prioritize applying the necessary patches to mitigate these risks, especially given the history of Fortinet vulnerabilities being targeted by attackers¹. This highlights the importance of keeping systems up to date with the latest security patches to prevent exploitation of known vulnerabilities.