CVE-2016-8491

Summary

The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell.

Affected Software

VendorProductVersion RangeStatus
FortinetFortinet FortiWLC7.0-9-1affected
FortinetFortinet FortiWLC7.0-10-0affected
FortinetFortinet FortiWLC8.1-2-0affected
FortinetFortinet FortiWLC8.1-3-2affected
FortinetFortinet FortiWLC8.2-4-0affected

Weaknesses

  • Remote shell access

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References