VYPR
Critical severity9.1NVD Advisory· Published Feb 1, 2017· Updated Jun 17, 2026

CVE-2016-8491

CVE-2016-8491

Description

The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell.

Affected products

7
  • Fortinet/Fortiwlc6 versions
    cpe:2.3:h:fortinet:fortiwlc:7.0-10-0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:h:fortinet:fortiwlc:7.0-10-0:*:*:*:*:*:*:*
    • cpe:2.3:h:fortinet:fortiwlc:7.0-9-1:*:*:*:*:*:*:*
    • cpe:2.3:h:fortinet:fortiwlc:8.1-2-0:*:*:*:*:*:*:*
    • cpe:2.3:h:fortinet:fortiwlc:8.1-3-2:*:*:*:*:*:*:*
    • cpe:2.3:h:fortinet:fortiwlc:8.2-4-0:*:*:*:*:*:*:*
    • (no CPE)
  • Fortinet/Fortinetcpe-rescue
    Range: 7.0-9-1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.