FortiRecorder sets credentials of FortiCameras to static values
A Use of Hard-coded Credentials vulnerability in FortiRecorder may allow an unauthenticated attacker who knows the aforementioned credentials and has network access to FortiCameras to take control of them, provided they are managed by a FortiRecorder device.
Impact: Authentication Controls Bypass
Affected products: FortiRecorder all versions below 2.7.4
Solution: Upgrade to FortiRecorder 2.7.4
Deploy FortiCameras on a private and closed network dedicated to the connection to FortiRecorder.
Alternatively, use a firewall or FortiCamera's built-in access control to allow only trusted hosts to access FortiCamera.
Refer to the "Hardening security" section in your FortiRecorder's admin guide for guidance.
Fortinet is pleased to thank security researcher Aaron Blair for reporting this vulnerability under responsible disclosure and FortiGuard Lion Team for their help in addressing this issue.