CVE-2016-4573

CVE Database · CVE-2016-4573

CVE-2016-4573

· N/AModified

CVSS v3.1

N/A

EPSS

4.56%

Published

Sep 9, 2016

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Fortinet FortiSwitch FSW-108D-POE, FSW-124D, FSW-124D-POE, FSW-224D-POE, FSW-224D-FPOE, FSW-248D-POE, FSW-248D-FPOE, FSW-424D, FSW-424D-POE, FSW-424D-FPOE, FSW-448D, FSW-448D-POE, FSW-448D-FPOE, FSW-524D, FSW-524D-FPOE, FSW-548D, FSW-548D-FPOE, FSW-1024D, FSW-1048D, FSW-3032D, and FSW-R-112D-POE models, when in FortiLink managed mode and upgraded to 3.4.1, might allow remote attackers to bypass authentication and gain administrative access via an empty password for the rest_admin account.

Weaknesses (CWE)

CWE-264

Affected Products (22)

fortinet · fortiswitchvulnerable

fortinet · fsw-1024d

fortinet · fsw-1048d

fortinet · fsw-108d-poe

fortinet · fsw-124d

fortinet · fsw-124d-poe

fortinet · fsw-224d-fpoe

fortinet · fsw-224d-poe

fortinet · fsw-248d-fpoe