Skip to content
← Browse CVEs

CVE-2023-48788

Critical · CVSS 9.8EPSS 98.5%CISA KEVCWE-89 · SQL Injection

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.

References

NVD MITRE CVE.org CISA KEV

Published

Community ground truth

Community verdict

3 verdicts
Not a real issue

to add your verdict.

Community real-world severity: Critical (Critical 3) — CVSS base score 9.8

In line with its CVSS base score.

Field notes & remediation

Verdicts are the quick signal — notes are the evidence and fixes behind them.

No notes yet — be the first to share what you saw or a fix that worked.