Details of VAR-202601-1135

ID

VAR-202601-1135

CVE

CVE-2025-67685

TITLE

fortinet's FortiSandbox Server-side request forgery vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2026-001330

DESCRIPTION

A Server-Side Request Forgery (SSRF) vulnerability [CWE-918] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox 4.4 all versions, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated attacker to proxy internal requests limited to plaintext endpoints only via crafted HTTP requests. Also, some of the information handled by the software may be rewritten. Furthermore, the software will not stop. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2025-67685 // JVNDB: JVNDB-2026-001330

AFFECTED PRODUCTS

vendor:	fortinet	model:	fortisandbox	scope:	gte	version:	4.0.0	Trust: 1.0
vendor:	fortinet	model:	fortisandbox	scope:	lt	version:	5.0.5	Trust: 1.0
vendor:	フォーティネット	model:	fortisandbox	scope:	-	version:	-	Trust: 0.8
vendor:	フォーティネット	model:	fortisandbox	scope:	eq	version:	4.0.0 that's all 5.0.5	Trust: 0.8
vendor:	フォーティネット	model:	fortisandbox	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2026-001330 // NVD: CVE-2025-67685

CVSS

SEVERITY

CVSSV2

CVSSV3

psirt@fortinet.com:	CVE-2025-67685
value:	LOW
Trust: 1.0
OTHER:	JVNDB-2026-001330
value:	LOW
Trust: 0.8

psirt@fortinet.com:	CVE-2025-67685
baseSeverity:	LOW
baseScore:	3.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	1.2
impactScore:	2.5
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2026-001330
baseSeverity:	LOW
baseScore:	3.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2026-001330 // NVD: CVE-2025-67685

PROBLEMTYPE DATA

problemtype:	CWE-918	Trust: 1.0
problemtype:	Server-side request forgery (CWE-918) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2026-001330 // NVD: CVE-2025-67685

PATCH

title:

PSIRT | FortiGuard Labs

url:

https://fortiguard.fortinet.com/psirt/FG-IR-25-783

Trust: 0.8

sources: JVNDB: JVNDB-2026-001330

EXTERNAL IDS

db:	NVD	id:	CVE-2025-67685	Trust: 2.6
db:	JVNDB	id:	JVNDB-2026-001330	Trust: 0.8

sources: JVNDB: JVNDB-2026-001330 // NVD: CVE-2025-67685

REFERENCES

url:	https://fortiguard.fortinet.com/psirt/fg-ir-25-783	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-67685	Trust: 0.8

sources: JVNDB: JVNDB-2026-001330 // NVD: CVE-2025-67685

SOURCES

db:	JVNDB	id:	JVNDB-2026-001330
db:	NVD	id:	CVE-2025-67685

LAST UPDATE DATE

2026-01-19T23:44:08.726000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2026-001330	date:	2026-01-16T05:21:00
db:	NVD	id:	CVE-2025-67685	date:	2026-01-14T21:38:01.700

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2026-001330	date:	2026-01-16T00:00:00
db:	NVD	id:	CVE-2025-67685	date:	2026-01-13T17:15:58.873