HTTP: Fortinet FortiClientEMS DAS SQL Injection

This signature detects attempts to exploit a known vulnerability against Fortinet FortiClientEMS. A successful attack can lead to command injection and arbitrary code execution.

Extended Description

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.

Affected Products

Fortinet forticlient_enterprise_management_server

References

CVE: CVE-2023-48788

Short Name
HTTP:SQL:INJ:FRTNT-CLNT-EMS-DAS
Severity
Major
Recommended
True
Recommended Action
None
Category
HTTP
Keywords
CVE-2023-48788 DAS FortiClientEMS Fortinet Injection SQL
Release Date
12/18/2024
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3766
Port
TCP/8013
False Positive
Unknown
Vendors

Fortinet

Found a potential security threat?