CVE-2016-8491

UNKNOWN

Published 2017-02-01T17:00:00

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2016-8491. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Fortinet

Fortinet FortiWLC

Affected Versions:

7.0-9-1 7.0-10-0 8.1-2-0 8.1-3-2 8.2-4-0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed CRITICAL

GHSA-pxp7-p7xv-7463

Advisory Details

The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell.

CVSS Scoring

CVSS Score

9.0

CVSS Vector


                                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2016-8491

WEB https://fortiguard.com/advisory/FG-IR-16-065

WEB http://www.securityfocus.com/bid/94186

Advisory provided by GitHub Security Advisory Database. Published: May 17, 2022, Modified: May 17, 2022

References

https://fortiguard.com/advisory/FG-IR-16-065

http://www.securityfocus.com/bid/94186

Published: 2017-02-01T17:00:00

Last Modified: 2024-10-25T14:41:05.797Z

Copied to clipboard!

CVE-2016-8491

Expert Analysis

Description

Available Exploits

Related News

Affected Products

Fortinet FortiWLC

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!