Description
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiNDR 7.6.0 through 7.6.2, FortiNDR 7.4.0 through 7.4.9, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
Published: 2026-05-12
Score: 5.1 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability is an SQL injection flaw caused by improper neutralization of special elements in SQL commands. An authenticated attacker can send specially crafted HTTP requests and trigger execution of unauthorized SQL commands or code, potentially compromising data integrity and confidentiality.

Affected Systems

Fortinet FortiNDR devices running versions 7.0 through 7.6.2, including all 7.0, 7.1, 7.2, 7.4 (up to 7.4.9), and 7.6 (up to 7.6.2). The affected releases are listed in the CNAs’ CPEs and correspond to the vulnerable software mentioned in the advisory.

Risk and Exploitability

The CVSS score of 5.1 indicates moderate severity. Because EPSS data is not available and the vulnerability is not in the CISA KEV catalog, the exploitation likelihood is unknown but the need for authentication limits opportunistic attacks. The likely attack vector is internal or VPN-based authenticated traffic that can reach the FortiNDR API endpoints.

Generated by OpenCVE AI on May 12, 2026 at 18:23 UTC.

Remediation

Vendor Solution

Upgrade to FortiNDR version 7.6.3 or above Upgrade to FortiNDR version 7.4.10 or above

OpenCVE Recommended Actions

  • Upgrade FortiNDR to version 7.6.3 or higher.
  • Upgrade FortiNDR to version 7.4.10 or higher if using a 7.4.x release.
  • Ensure that only authenticated users with least privilege have access to the FortiNDR HTTP endpoint; consider firewall rules to restrict exposure.

Generated by OpenCVE AI on May 12, 2026 at 18:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 12 May 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 12 May 2026 18:45:00 +0000

Type Values Removed Values Added
Title SQL Injection in Fortinet FortiNDR Enabling Remote Code Execution

Tue, 12 May 2026 17:30:00 +0000

Type Values Removed Values Added
Description An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiNDR 7.6.0 through 7.6.2, FortiNDR 7.4.0 through 7.4.9, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
First Time appeared Fortinet
Fortinet fortindr
Weaknesses CWE-89
CPEs cpe:2.3:a:fortinet:fortindr:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.0.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.0.5:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.0.6:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.0.7:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.2.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.2.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.2.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.2.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.2.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.2.5:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.4.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.4.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.4.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.4.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.4.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.4.5:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.4.6:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.4.7:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.4.8:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.4.9:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.6.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.6.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortindr:7.6.2:*:*:*:*:*:*:*
Vendors & Products Fortinet
Fortinet fortindr
References
Metrics cvssV3_1

{'score': 5.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:X'}

Subscriptions

Fortinet Fortindr
cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published:

Updated: 2026-05-12T19:02:51.082Z

Reserved: 2026-01-29T09:27:29.820Z

Link: CVE-2026-25088

cve-icon Vulnrichment

Updated: 2026-05-12T19:02:46.518Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-12T18:16:39.327

Modified: 2026-05-12T18:57:02.307

Link: CVE-2026-25088

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-12T18:30:22Z

Weaknesses