Fortinet SSH Backdoor Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortinet SSH Backdoor Scanner', 'Description' = %q This module scans for the Fortinet SSH backdoor. , 'Author' = 'operator8203 ', PoC 'wvu' Modul...

Fortinet FortiOS SSH backdoor (CVE-2016-1909) - Ver2

An information disclosure vulnerability exists in Fortinet FortiOS. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

CVE-2016-1909

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssh/fortinetbackdoor.rb 2025-02-06 03:13:42+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:46+00:00| seen|...

Fortinet FortiOS SSH Undocumented Interactive Login Vulnerability (FG-IR-16-001) (SSH) - Active Check

An undocumented account used for communication with authorized FortiManager devices exists on some versions of FortiOS. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

FortiOS Fortimanager_Access SSH account backdoor

Added: 01/25/2016 CVE: CVE-2016-1909 Background FortiOS is the operating system used by FortiGate network security appliances. Problem An undocumented account can be used to gain unauthorized access to the appliance. Resolution Upgrade to FortiOS 4.1.11, 4.2.16, 4.3.17, 5.0.8, 5.2.0, 5.4.0, or...

FortiOS Fortimanager_Access SSH account backdoor

Added: 01/25/2016 CVE: CVE-2016-1909 Background FortiOS is the operating system used by FortiGate network security appliances. Problem An undocumented account can be used to gain unauthorized access to the appliance. Resolution Upgrade to FortiOS 4.1.11, 4.2.16, 4.3.17, 5.0.8, 5.2.0, 5.4.0, or...

FortiOS Fortimanager_Access SSH account backdoor

Added: 01/25/2016 CVE: CVE-2016-1909 Background FortiOS is the operating system used by FortiGate network security appliances. Problem An undocumented account can be used to gain unauthorized access to the appliance. Resolution Upgrade to FortiOS 4.1.11, 4.2.16, 4.3.17, 5.0.8, 5.2.0, 5.4.0, or...

CVE-2016-1909

Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the FortimanagerAccess account, which allows...

CVE-2016-1909

Fortinet CVE-2016-1909 describes a hardcoded Fortimanager_Access passphrase in FortiAnalyzer (versions affected before 5.0.12, 5.2.x before 5.2.5), FortiSwitch (3.3.x < 3.3.3), FortiCache (3.0.x < 3.0.8), and FortiOS (4.1.x < 4.1.11, 4.2.x < 4.2.16, 4.3.x < 4.3.17, 5.0.x