FortiWLC Undocumented Hardcoded Rsync Account
Fortinet PSIRT Advisories
Fortinet PSIRT Contact:
Website: https://fortiguard.fortinet.com/faq/psirt-contact
FG-IR-16-029
Final
1
1
2016-09-30T00:00:00
Current version
2016-09-30T00:00:00
2016-09-30T00:00:00
FortiWLC runs an rsyncd server, historically used for high-availability purposes. This server comes with a hardcoded account, which has read/write privileges over various parts of the system.
Unauthorized read/write remote access
FortiWLC 6.1-2-29 and below, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0
Depending on your version, apply the following patches:
Below 6.1-2-29: Update to 7.0-10-0 or above, and apply the corresponding patch.
6.1-2-29: meru-6.1-2-29-patch-bug0388397
7.0-9-1: meru-7.0-9-1-patch-bug0388397
7.0-10-0: meru-7.0-10-0-patch-bug0388397
8.0-5-0: meru-8.0-5-0-patch-bug0388397
8.1-2-0: meru-8.1-2-0-patch-bug0388397
8.2-4-0: meru-8.2-4-0-patch-bug0388397
Fortinet is pleased to thank University of Toronto for reporting this vulnerability under responsible disclosure.
CVE-2016-7560
https://fortiguard.fortinet.com/psirt/FG-IR-16-029