← back
CVE-2016-8491

CVE-2016-8491

EPSS 1.5%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
01 Feb 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell.
Affected products
Fortinet · Fortinet FortiWLC

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fortiguard.com/advisory/FG-IR-16-065http://www.securityfocus.com/bid/94186