

Apparently the FortiOS system files also contained login credentials. The vulnerable SSL VPN web portal allows an unauthenticated attacker to download system files via specially crafted HTTP requests. The vulnerability in question is an improper limitation of a pathname to a restricted directory (path traversal) in several Fortinet FortiOS and FortiProxy versions.

Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services).

Even if the devices have since been patched, if the passwords were not reset, they remain vulnerable. The breach list provides raw access to organizations in 74 countries, including the USA, India, Taiwan, Italy, France, and Israel, with almost 3,000 US entities affected.

According to Fortinet, the credentials were obtained from systems that remained unpatched against CVE-2018-13379 at the time of the actor's scan.

A threat actor has leaked a list of almost 500,000 Fortinet VPN credentials, stolen from 87,000 vulnerable FortiGate SSL-VPN devices.
