Update your firmware or suffer the consequences
Hijacked ... Exploiting the backdoor on vulnerable FortiOS firmware (Source)
12 Jan 2016 at 21:39, Iain Thomson Enterprise security vendor Fortinet has attempted to explain why its FortiOS firewalls were shipped with hardcoded SSH logins.
It appears Fortinet's engineers implemented their own method of authentication for logging-into FortiOS-powered devices, and the mechanism ultimately uses a secret passphrase. This code was reverse-engineered by persons unknown, and a Python script to exploit the hole emerged on the Full Disclosure mailing list this week.
Full Article