Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-48788

Published: 12/03/2024 Updated: 26/03/2024
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Fortinet

Vulnerability Summary

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 up to and including 7.2.2, FortiClientEMS 7.0.1 up to and including 7.0.10 allows malicious user to execute unauthorized code or commands via specially crafted packets.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

fortinet forticlient enterprise management server

Vendor Advisories

Check Point Security Alerts: Fortinet FortiClientEMS Remote Code Execution (CVE-2023-48788)
Check Point Reference: CPAI-2023-1621 Date Published: 26 Mar 2024 Severity: High ...

Exploits

Exploit DB: FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution
A remote SQL injection vulnerability exists in FortiNet FortiClient EMS (Endpoint Management Server) versions 720 through 722 and 701 through 7010 FortiClient EMS serves as an endpoint management solution tailored for enterprises, offering a centralized platform for overseeing enrolled endpoints The SQL injection vulnerability is due to u ...

Github Repositories

https://github.com/TheRedDevil1/CVE-2023-48788

CVE-2023-48788 is a SQLi vulnerability which leads to unauthenticated remote code executing in fortinet's FortiClientEMS.

CVE-2023-48788 CVE-2023-48788 is a SQLi vulnerability which leads to unauthenticated remote code executing in fortinet's FortiClientEMS Version FortiClientEMS 72 720 through 722 FortiClientEMS 70 701 through 7010 Description A critical-severity FortiClientEMS vulnerability (tracked at CVE-2023-48788) could enable “a remote and unauthenticated attacker to e

https://github.com/k4rd3n/CVE-2023-48788-PoC

CVE-2023-48788 is a SQLi vulnerability which leads to unauthenticated remote code executing in fortinet's FortiClientEMS.

CVE-2023-48788-PoC CVE-2023-48788 is a SQLi vulnerability which leads to unauthenticated remote code executing in fortinet's FortiClientEMS Details The EMS administrator can send a one-way message to endpoints in a tagged group, endpoint group, or one endpoint For example, you may want to send a message to remind a user to upload an avatar to FortiClient EMS sends the m

https://github.com/CVETechnologic/CVE-2023-48788-Proof-of-concept-SQLinj

New exploit for Fortinet's [CVE-2023-48788] to SQL injection in HTTP reqs.

CVE-2023-48788-Proof-of-concept-SQLinj New exploit for Fortinet's [CVE-2023-48788] to SQL injection in HTTP reqs Date of published 2024/03/13 πŸ”₯ CVSS: 98/10 Description A critical-severity FortiClientEMS vulnerability (tracked at CVE-2023-48788) could enable “a remote and unauthenticated attacker to execute arbitrary commands on the admin workstation via creatin

https://github.com/horizon3ai/CVE-2023-48788

Fortinet FortiClient EMS SQL Injection

CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Vulnerabilitiy An exploit proof of concept for FortiClient EMS CVE-2023-48788 Blog Post More details here: wwwhorizon3ai/attack-research/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive Usage $ python3 CVE-2023-48788py -t 19216813 -p 8013 [+] Sent Message! MSG_HEADER: FCTUID=CBE8FC122B1A46D18C3541

https://github.com/TheRedDevil1/CVE-2023-48788-exploit

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.

CVE-2023-48788-exploit A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 720 through 722, FortiClientEMS 701 through 7010 allows attacker to execute unauthorized code or commands via specially crafted packets There is 3 versions of this CVE and full exploit, for DOWNLOAD: satoshid

https://github.com/mrobsidian1/CVE-2023-48788-Proof-of-concept-SQLinj

πŸ› οΈ CVE-2024-48788 Exploit 🌟 Description A critical-severity FortiClientEMS vulnerability (tracked at CVE-2023-48788) could enable “a remote and unauthenticated attacker to execute arbitrary commands on the admin workstation via creating malicious log entries with crafted requests to the server,” Fortinet said in its disclosure βš™οΈ Installation To set up

Recent Articles

Exploit released for Fortinet RCE bug used in attacks, patch now
BleepingComputer β€’ Sergiu Gatlan β€’ 21 Mar 2024

Exploit released for Fortinet RCE bug used in attacks, patch now By Sergiu Gatlan March 21, 2024 11:17 AM 0 Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks. Tracked as CVE-2023-48788, this security flaw is an SQL injection in the DB2 Administration Server (DAS) component discovered and reported by the UK's National Cyber Security Centr...

Read more...
Fortinet warns of critical RCE bug in endpoint management software
BleepingComputer β€’ Sergiu Gatlan β€’ 13 Mar 2024

Fortinet warns of critical RCE bug in endpoint management software By Sergiu Gatlan March 13, 2024 02:48 PM 0 Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server (EMS) software that can allow attackers to gain remote code execution (RCE) on vulnerable servers. FortiClient EMS enables admins to manage endpoints connected to an enterprise network, allowing them to deploy FortiClient software and assign security profiles on Windows devices. The security flaw (C...

Read more...
March Patch Tuesday sees Hyper-V join the guest-host escape club
The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Critical bugs galore among 61 Microsoft fixes, 56 from Adobe, a dozen from SAP, and a fistful from Fortinet

Patch Tuesday Microsoft's monthly patch drop has arrived, delivering a mere 61 CVE-tagged vulnerabilities – none listed as under active attack or already known to the public. We'll hold our judgement until tomorrow to see if Exploit Wednesday lives up to its name. But in the meantime, here's a look at Redmond's security bugs. Two of the latest patches are listed as critical and both affect Windows Hyper-V hypervisor. Oddly, the two critical bugs didn't receive the highest CVSS ratings – but ...

Read more...
More than 133,000 Fortinet appliances still vulnerable to month-old critical bug
The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources A huge attack surface for a vulnerability with various PoCs available

The volume of Fortinet boxes exposed to the public internet and vulnerable to a month-old critical security flaw in FortiOS is still extremely high, despite a gradual increase in patching. According to security nonprofit Shadowserver's latest data, the number of Fortinet appliances vulnerable to CVE-2024-21762 stands at more than 133,000 – down only slightly from more than 150,000 ten days prior. Fortinet patched CVE-2024-21762 in early February, well over a month ago. It's a 9.6 severity vuln...

Read more...

References

CWE-89https://fortiguard.com/psirt/FG-IR-24-007https://nvd.nist.govhttps://packetstormsecurity.com/files/178230/FortiNet-FortiClient-EMS-7.2.2-7.0.10-SQL-Injection-Remote-Code-Execution.htmlhttps://github.com/TheRedDevil1/CVE-2023-48788https://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2023-1621.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook