Here is list referenced in this video 12 regarding the history of Fortinet and their history of security issues.
- Breaking the Fortigate SSL VPN 63
- Black Hat Talk about SSL VPN Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs - YouTube 22
- Remote Password Change Vulnerability 14
- Fortinet FortiSIEM Hardcoded SSH Key 12
- Hard-coded password raises new backdoor eavesdropping fears 15
- Some Fortinet products shipped with hardcoded encryption keys 6
- Multiple Fortinet products use a weak encryption cipher (“XOR”) and hardcoded cryptographic keys 14
- FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684) 11
- XORtigate: Pre-authentication Remote Code Execution on Fortigate VPN 72
Comments
Post a Comment