CVE-2016-1909
Fortinet FortiGate 4.x < 5.0.7 - SSH Backdoor Access
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
4Exploited in Wild
-Decision
Descriptions
Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the Fortimanager_Access account, which allows remote attackers to obtain administrative access via an SSH session.
Fortinet FortiAnalyzer en versiones anteriores a 5.0.12 y 5.2.x en versiones anteriores a 5.2.5; FortiSwitch 3.3.x en versiones anteriores a 3.3.3; FortiCache 3.0.x en versiones anteriores a 3.0.8; y FortiOS 4.1.x en versiones anteriores a 4.1.11, 4.2.x en versiones anteriores a 4.2.16, 4.3.x en versiones anteriores a 4.3.17 y 5.0.x en versiones anteriores a 5.0.8 tienen una frase de contraseña embebida para la cuenta Fortimanager_Access, lo que permite a atacantes remotos obtener acceso administrativo a través de una sesión SSH.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-01-09 First Exploit
- 2016-01-15 CVE Reserved
- 2016-01-15 CVE Published
- 2023-12-09 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (10)
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/43386 | 2016-01-09 | |
| http://packetstormsecurity.com/files/135225/FortiGate-OS-5.0.7-SSH-Backdoor.html | 2024-08-05 | |
| http://seclists.org/fulldisclosure/2016/Jan/26 | 2024-08-05 | |
| https://www.exploit-db.com/exploits/39224 | 2024-08-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | <= 4.3.16 Search vendor "Fortinet" for product "Fortios" and version " <= 4.3.16" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | 5.0 Search vendor "Fortinet" for product "Fortios" and version "5.0" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | 5.0.0 Search vendor "Fortinet" for product "Fortios" and version "5.0.0" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | 5.0.1 Search vendor "Fortinet" for product "Fortios" and version "5.0.1" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | 5.0.2 Search vendor "Fortinet" for product "Fortios" and version "5.0.2" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | 5.0.3 Search vendor "Fortinet" for product "Fortios" and version "5.0.3" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | 5.0.4 Search vendor "Fortinet" for product "Fortios" and version "5.0.4" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | 5.0.5 Search vendor "Fortinet" for product "Fortios" and version "5.0.5" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | 5.0.6 Search vendor "Fortinet" for product "Fortios" and version "5.0.6" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | 5.0.7 Search vendor "Fortinet" for product "Fortios" and version "5.0.7" | - |
Affected
| ||||||