A format string vulnerability in Fortinet FortiOS 5.6.0 allows malicious user to execute unauthorized code or commands via the SSH username variable.
fortinet fortios 5.6.0