FortiWebManager 5.8.0 improperly handles admin login access
FortiWebManager 5.8.0 fails to check the admin password, granting access regardless the provided string.
Improper Access Control
Only FortiWebManager 5.8.0 is affected.
Users on FortiWebManager 5.8.0 must upgrade to 5.8.1.
Fortinet is pleased to thank Abdulaziz Alrushaid of Saudi Aramco for reporting this vulnerability under responsible disclosure.