Command Injection in FSA sniffer module


An improper neutralization of special elements (command injection) in FortiSandbox's sniffer module may allow an authenticated administrator to execute commands on the underlying system's shell by altering the content of its configuration file.

Affected Products

FortiSandbox 3.2.1 and below.
FortiSandbox 3.1 all versions.
FortiSandbox 3.0 all versions.



Solutions

Upgrade to version 4.0.0 or above.
Upgrade to version 3.2.2 or above.
Upgrade to version 3.1.5 or above.
Upgrade to version 3.0.7 or above.


Internally discovered and reported by Giuseppe Cocomazzi of the Fortinet PSIRT Team.