Vulnerability feed

Vulnerability

CVE-2023-48788

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2023-48788
Description:: A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.
Last updated date:: 03/26/2024

Reports

alt

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 03/25/2024
Reference url to background: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/13/2024
Reference url to background: https://github.com/CVETechnologic/CVE-2023-48788-Proof-of-concept-SQLinj

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/18/2024
Reference url to background: https://github.com/horizon3ai/CVE-2023-48788

Type:: exploit
Confidence:: HIGH
Date of publishing:: 04/09/2024
Reference url to background: https://github.com/mrobsidian1/CVE-2023-48788-Proof-of-concept-SQLinj

Type:: exploit
Confidence:: HIGH
Date of publishing:: 04/12/2024
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/forticlient_ems_fctid_sqli.rb

Vulnerability Feed Contributors About Blog

@inTheWild

©2024 |