CVE-2023-48788
CRITICAL KEV RANSOMWARE NUCLEI
Fortinet Forticlient Endpoint Management Server - SQL Injection
Title source: nuclei
Description
An improper neutralization of special elements used in an SQL command ('SQL injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2 and FortiClientEMS 7.0.1 through 7.0.10 allows an attacker to execute unauthorized code or commands via specially crafted packets.
Exploits (4)
metasploit
WORKING POC
EXCELLENT
by Zach Hanley, James Horseman, jheysel-r7, Spencer McIntyre · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/forticlient_ems_fctid_sqli.rb
Nuclei Templates (1)
Fortinet Forticlient Endpoint Management Server - SQL Injection
CRITICAL VERIFIED by James Horseman, ItshMoh
Scores
CVSS v3
9.8
EPSS
0.9404
EPSS Percentile
99.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CISA KEV
2024-03-25
VulnCheck KEV
2024-03-12
InTheWild.io
2024-03-25
ENISA EUVD
EUVD-2023-52821
Ransomware Use
Confirmed
CWE
CWE-89
Status
published
Products (1)
fortinet/forticlient_enterprise_management_server
7.0.1 - 7.0.11
Published
Mar 12, 2024
KEV Added
Mar 25, 2024
Tracked Since
Feb 18, 2026