CVE-2023-48788: Revisiting Fortinet FortiClient EMS to Exploit 7.2.X

CVE-2023-48788: Revisiting Fortinet FortiClient EMS to Exploit 7.2.X

Introduction Our last blog post on the FortiClient EMS SQL injection vulnerability, CVE-2023-48788, as it turns out only worked on 7.0.x versions. This article will discuss the differences in exploitation between FortiClient EMS’s two mainline versions: 7.0.x and 7.2.x. When writing exploits for different versions of vulnerable software, the differences ... Read More