1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

FortiGuard SSH backdoor found in more Fortinet security appliances

Discussion in 'Network World' started by RSS, Jan 22, 2016.

  1. RSS

    RSS New Member Member

    Network security vendor Fortinet has identified an authentication issue that could give remote attackers administrative control over some of its products.

    The issue, which was described as a FortiGuard SSH (Secure Shell) backdoor, was originally disclosed earlier this month by an anonymous researcher, who also published exploit code for it.

    Last week, Fortinet said that the problem was not an intentional backdoor, but the result of a management feature which relied on an undocumented account with a hard-coded password. Additionally the company noted that the issue was fixed in FortiOS back in July 2014, after being identified as a security risk by the company's own product security team.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page