Podatność CVE-2023-48788
Publikacja: 2024-03-12

Opis:
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
Med.
FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution
Spencer McIntyre
25.04.2024

Typ:

CWE-89

 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

 Referencje:
https://fortiguard.com/psirt/FG-IR-23-430
Copyright 2024, cxsecurity.com

 

Back to Top