A threat actor exploited a Fortinet vulnerability and has exfiltrated and leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices.
These VPN credentials could allow threat actors to access a network to perform data exfiltration, install malware, and perform ransomware attacks.
The list of Fortinet credentials was leaked for free by a threat actor known as 'Orange,' who is the administrator of the newly launched RAMP hacking forum.
The exploited Fortinet vulnerability was soon patched, but many VPN credentials were still valid.
![](https://blog.rankiteo.com/content/images/2023/01/aver_FOR223227123.png)
"id": "FOR223227123",
"linkid": "fortinet",
"type": "Vulnerability",
"date": "09/2021",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
Join the conversation