Privilege Escalation via Shell Access in Fortinet FortiAuthenticator 3.0.0

Privilege Escalation via Shell Access in Fortinet FortiAuthenticator 3.0.0

CVE-2015-1458 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

Fortinet FortiAuthenticator 3.0.0 allows local users to bypass intended restrictions and gain privileges by creating /tmp/privexec/dbgcore_enable_shell_access and executing the "shell" command.

Learn more about our User Device Pen Test.