CVE-2026-39808

This repository contains a functional Python exploit for CVE-2026-39808, an unauthenticated OS command injection vulnerability in Fortinet FortiSandbox. The exploit leverages the `/fortisandbox/job-detail/tracer-behavior` endpoint with an unsanitized `jid` parameter to execute arbitrary commands as root.

This repository contains a functional exploit PoC for CVE-2026-39808, demonstrating an unauthenticated OS command injection vulnerability in Fortinet FortiSandbox. The exploit chains CVE-2026-39813 (authentication bypass) with CVE-2026-39808 (command injection) to achieve root-level remote code execution.

The repository provides a functional proof-of-concept for CVE-2026-39808, demonstrating an unauthenticated command injection vulnerability in Fortinet's FortiSandbox via the `jid` parameter in the `/fortisandbox/job-detail/tracer-behavior` endpoint. The PoC uses a simple curl command to achieve remote code execution as root.

The repository claims to provide an exploit for CVE-2026-39808 but only contains a README with vague details and external download links. No actual exploit code is present, and the focus is on directing users to external sources.