all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution

Add to bookmarks
April 23, 2024, 4:02 p.m. |

Packet Storm packetstormsecurity.com

A remote SQL injection vulnerability exists in FortiNet FortiClient EMS (Endpoint Management Server) versions 7.2.0 through 7.2.2 and 7.0.1 through 7.0.10. FortiClient EMS serves as an endpoint management solution tailored for enterprises, offering a centralized platform for overseeing enrolled endpoints. The SQL injection vulnerability is due to user controller strings which can be sent directly into database queries. FcmDaemon.exe is the main service responsible for communicating with enrolled clients. By default it listens on port 8013 and communicates with FCTDas.exe …

code code execution endpoint endpoint management endpoints enterprises forticlient forticlient ems fortinet injection management platform remote code remote code execution server solution sql sql injection sql injection vulnerability vulnerability

Visit resource

More from packetstormsecurity.com / Packet Storm

TOR Virtual Network Tunneling Tool 0.4.8.12 2 days, 16 hours ago | packetstormsecurity.com
a network applications communication developers +21
jSQL Injection 0.98 2 days, 16 hours ago | packetstormsecurity.com
application box code database +21
Ubuntu Security Notice USN-6815-1 2 days, 16 hours ago | packetstormsecurity.com
application arbitrary code attacker code +13
Red Hat Security Advisory 2024-3708-03 2 days, 16 hours ago | packetstormsecurity.com
advisory apache boot build +15
Online Pizza Ordering System 1.0 SQL Injection 2 days, 16 hours ago | packetstormsecurity.com
injection pizza sql sql injection +5
Apache HugeGraph Remote Command Execution 2 days, 16 hours ago | packetstormsecurity.com
1.0.0 1.3.0 apache command +5
FBI Says It Has 7,000 LockBit Ransomware Decryption Keys 2 days, 16 hours ago | packetstormsecurity.com
cryptography data loss decryption decryption keys +8
Russian Hacktivists Vow Mass Attacks Against EU Elections 2 days, 16 hours ago | packetstormsecurity.com
attacks cyberwar elections hacker +3
Spam Blocklist SORBS Closed By Its Owner, Proofpoint 2 days, 16 hours ago | packetstormsecurity.com
blocklist email proofpoint spam

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com