Hard-coded Credentials Vulnerability in FortiTester 2.3.0 through 7.2.3

Hard-coded Credentials Vulnerability in FortiTester 2.3.0 through 7.2.3

CVE-2023-40717 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A use of hard-coded credentials vulnerability [CWE-798] in FortiTester 2.3.0 through 7.2.3 may allow an attacker who managed to get a shell on the device to access the database via shell commands.

Learn more about our Web Application Penetration Testing UK.