Vulnerability Details CVE-2016-7560
The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 has a hardcoded rsync account, which allows remote attackers to read or write to arbitrary files via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.026
EPSS Ranking 84.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2016-7560
-
cpe:2.3:a:fortinet:fortiwlc:6.1-2-29
-
cpe:2.3:a:fortinet:fortiwlc:7.0-10-0
-
cpe:2.3:a:fortinet:fortiwlc:7.0-9-1
-
cpe:2.3:a:fortinet:fortiwlc:8.0-5-0
-
cpe:2.3:a:fortinet:fortiwlc:8.1-2-0
-
cpe:2.3:a:fortinet:fortiwlc:8.2-4-0