SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7
http://seclists.org/fulldisclosure/2016/Jan/26
I have not had a chance to try this. I don't see any threads discussing it. So, I thought I'd share.
Yep, I agree 100%.
PCNSE
NSE
StrongSwan
I agree... however, I would also question allowing SSH, or any admin access, from an insecure or untrusted source. But then again, it's not the script kiddies who've found out about this that are the problem. It's the nation states with the resources to carry out sophisticated attacks against personnel who do have admin access to systems that is/was the concern, ideal for intelligence gathering.
My impression is that this access path was found by scrutinizing the firmware image, thus, by an 'insider'.
Anyway, the whole concept was so silly you couldn't believe it. The loss of trust is a deep cut.
At least...this 'concept' or its remainder appears now (5.2.6 VM) to be removed completely, whereas 5.2.5 (VM) presented at least a similar mimic (functional or not) when connecting via putty/ssh using the named account.
I don't quite understand your statement. A backdoor is only relevant if it is "functional", i.e. permitting access to unauthorized people.
Besides, this kind of access does not use the standard ssh protocol, so access via putty wouldn't work in any case.
Fortinet states that v5.2 never has had this 'feature'.
So, what about your statement - are you saying you have been able to gain access using the BD credentials, in v5.2 and using putty?
Hi Ede,
Certainly not, but without knowing in detail what had actually been changed... when connecting to 5.0.6 and when connecting to 5.2.5 using putty, it looks like the attached picture. This no longer works on 5.2.6 and is a strong indication that it has been removed.
