FortiWebManager 5.8.0 improperly handles admin login access
FortiWebManager 5.8.0 fails to check the admin password, granting access regardless the provided string.
Only FortiWebManager 5.8.0 is affected.
Users on FortiWebManager 5.8.0 must upgrade to 5.8.1.
Fortinet is pleased to thank Abdulaziz Alrushaid of Saudi Aramco for reporting this vulnerability under responsible disclosure.