Command Injection in FSA sniffer module
Summary
An instance of improper neutralization of special elements in FortiSandbox's sniffer module may allow an authenticated administrator to execute commands on the underlying system's shell via altering the content of its configuration file.
Affected Products
FortiSandbox 3.2.1 and below.
FortiSandbox 3.1 all versions
FortiSandbox 3.0 all versions
Solutions
Upgrade to version 4.0.0 or above.
Upgrade to version 3.2.2 or above.
Upgrade to version 3.1.5 or above.
Upgrade to version 3.0.7 or above.