The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell.Referenceshttps://fortiguard.com/advisory/FG-IR-16-065http://www.securityfocus.com/bid/94186
