An anonymous security researcher has discovered highly suspicious code in FortiOS firewalls from Fortinet. FortiOS operating system, deployed on Fortinet’s FortiGate firewall networking equipment, includes an SSH backdoor that can be used to access its firewall equipment. Anyone with “Fortimanager_Access” username and a hashed version of the “FGTAbc11*xy+Qqz27” password string, which is hard coded into the firewall, can login. Fortinet, on its part, attempted to explain why its products were shipped with hard coded SSH logins.
Source: https://thehackernews.com/2016/01/fortinet-firewall-password-hack.html