← Back to CVEs

CVE-2015-7361

N/A

Description

FortiOS 5.2.3, when configured to use High Availability (HA) and the dedicated management interface is enabled, does not require authentication for access to the ZebOS shell on the HA dedicated management interface, which allows remote attackers to obtain shell access via unspecified vectors.

CVE Details

CVSS v3.1 ScoreN/A

Published10/15/2015

Last Modified4/12/2025

Sourcenvd

Honeypot Sightings0

Affected Products

fortinet:fortios

Weaknesses (CWE)

CWE-287

References

http://fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled(cve@mitre.org)

http://www.fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled(cve@mitre.org)

http://www.securitytracker.com/id/1033093(cve@mitre.org)

http://fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled(af854a3a-2127-422b-91ae-364da2661108)

http://www.fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1033093(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.