FortiPortal - Authentication bypass and remote code execution as root
Summary
A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal may allow a remote and unauthenticated attacker to execute unauthorized commands as root by uploading and deploying malicious web application archive files using the default hard-coded Tomcat Manager username and password.
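The issue described above is abused through the standard Tomcat Manager deployment endpoints, so a Tomcat access log is the natural place to look for it while patching is pending. The following detector is an added example, not part of this advisory or of any Fortinet tooling: it parses common-log-format lines, flags every successful request to the Manager's text-deploy or HTML-upload endpoint, and lists later requests to the context path a text-deploy named. The sample log, the "tomcat" authuser value and the context names are constructed; the two endpoint paths are Tomcat's own.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Tomcat "common" access-log pattern: host ident authuser [date] "request" status bytes
CLF_RE = re.compile(
    r'^(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<bytes>\S+)'
)

# Tomcat Manager endpoints through which a WAR is deployed: the text interface
# (PUT body or ?war= argument) and the HTML form upload.
DEPLOY_ENDPOINTS = {"/manager/text/deploy", "/manager/html/upload"}

# Constructed sample access log (not taken from any real FortiPortal host).
# Addresses, the "tomcat" user and the context names are illustrative.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2021:10:14:02 +0000] "GET /index.html HTTP/1.1" 200 1532
203.0.113.7 - tomcat [12/Mar/2021:10:14:09 +0000] "GET /manager/html HTTP/1.1" 200 12045
203.0.113.7 - tomcat [12/Mar/2021:10:14:31 +0000] "POST /manager/html/upload?org.apache.catalina.filters.CSRF_NONCE=4F2A HTTP/1.1" 200 8831
198.51.100.4 - tomcat [12/Mar/2021:10:20:00 +0000] "PUT /manager/text/deploy?path=/backup HTTP/1.1" 200 62
198.51.100.4 - - [12/Mar/2021:10:20:05 +0000] "GET /backup/index.jsp HTTP/1.1" 200 87
10.0.0.5 - - [12/Mar/2021:11:00:00 +0000] "PUT /manager/text/deploy?path=/test HTTP/1.1" 401 2473
"""


def parse_line(line):
    """Parse one common-log-format line into a dict, or return None if it does not match."""
    m = CLF_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["path"] = urlsplit(rec["target"]).path
    rec["query"] = parse_qs(urlsplit(rec["target"]).query)
    return rec


def find_deployments(log_text):
    """Return one finding per successful WAR deployment through Tomcat Manager.

    Each finding records who deployed, from where, the context path when the
    request exposes it, and which later requests hit that new context.
    """
    records = [r for r in map(parse_line, log_text.splitlines()) if r]
    findings = []
    for i, rec in enumerate(records):
        if rec["path"] not in DEPLOY_ENDPOINTS or rec["status"] != 200:
            continue
        # The text interface names the context in ?path=; the HTML upload takes it
        # from the WAR filename inside the multipart body, which the access log omits.
        ctx = rec["query"].get("path", [None])[0]
        followups = []
        if ctx:
            prefix = ctx.rstrip("/") + "/"
            followups = [r["target"] for r in records[i + 1:]
                         if r["path"] == ctx or r["path"].startswith(prefix)]
        findings.append({
            "time": rec["ts"],
            "source": rec["host"],
            "user": rec["user"],
            "endpoint": rec["path"],
            "context": ctx,
            "followup_requests": followups,
        })
    return findings


if __name__ == "__main__":
    for f in find_deployments(SAMPLE_LOG):
        print(f"{f['time']} {f['source']} user={f['user']} deployed via {f['endpoint']} "
              f"context={f['context']} followups={len(f['followup_requests'])}")
```

Any hit on a FortiPortal appliance that your change records do not explain should be treated as a probable compromise rather than a warning: the deployed WAR runs with the privileges of the Tomcat process, which on the affected versions is root. Failed attempts (non-200 status, as in the last sample line) are deliberately not reported so the output stays small; raise the threshold if you also want to see probing.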
Affected Products
FortiPortal versions 5.2.5 and below.
FortiPortal versions 5.3.5 and below.
FortiPortal versions 6.0.4 and below.
FortiPortal 5.0.x
FortiPortal 5.1.x
Solutions
Please upgrade to FortiPortal version 5.2.6 or above.
Please upgrade to FortiPortal version 5.3.6 or above.
Please upgrade to FortiPortal version 6.0.5 or above.