
Fortinet FortiDDoS-F: Unauthorized Code Execution via SQL Injection

CVE-2026-39815
Summary

A SQL injection vulnerability in Fortinet FortiDDoS-F versions 7.2.1 to 7.2.2 could allow an attacker to run unauthorized code or commands by sending crafted HTTP requests. This could harm your network. Update to the latest version of FortiDDoS-F to fix this issue.

Original title
An improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow an attacker to execute unauthorized code or c...
Original description
An improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow an attacker to execute unauthorized code or commands via sending crafted HTTP requests.
NVD CVSS 3.1: 8.8
Vulnerability type
CWE-89 SQL Injection
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026