CVE-2023-48788

NVD Published Date: March 12, 2024 at 03:15 PM
NVD Last Modified: May 23, 2024 at 06:00 PM
Download Patch
Vulnerability ID
CVE-2023-48788
Severity
CRITICAL
Severity Score
9.8
Summary
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.
Mitigation and Patches
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE ID
CWE-89

Recent Publish

CVE-2024-3272

CVE-2024-3273

CVE-2024-32113

CVE-2024-4358

CVE-2024-23692

CVE-2024-4577

See SecOps Solution
in action

Schedule Demo