Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-48788

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.

Published

2024-03-12T15:15:46.973

Last Modified

2025-01-27T20:56:34.083

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses
  • Type: Primary
    CWE-89
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application fortinet forticlient_enterprise_management_server < 7.0.11 Yes
Application fortinet forticlient_enterprise_management_server < 7.2.3 Yes
References