Last Updated:

49,620 FortiGate VPN gateways affected by the CVE-2018-13379

OS
OS Data Breaches

On November 25, an archive containing about 6.7 GB of data (IP addresses, usernames, passwords) of 49,620 FortiGate VPN gateways affected by the CVE-2018-13379 vulnerability was made freely available.

Everyone wrote about it, but we are not interested in writing about what everyone writes. 🤷‍♂️ Therefore, according to our tradition, we took and analyzed the accounts from the uploaded files "sslvpn_websession".

In total, there were 354,760 entries containing: IP, username (often an email address) and password. After clearing of garbage and duplicates, 197,021 entries remained.

The 10 most popular passwords (in parentheses, the place of the password, case-insensitive, in the top 100 passwords from all the leaks that we analyzed earlier



1️⃣ Temporal2020
2️⃣ 123456 (1)
3️⃣ [email protected]
4️⃣ Password1 (29)
5️⃣ Juzgado2020
6️⃣ asdf123.
7️⃣ Octubre2020
8️⃣ macaw777
9️⃣ Password (5)
1️⃣0️⃣ [email protected]

of the interesting passwords that are not included in the top, you can mark the password "Hello!". 🤣

10 most popular domains (the login part):

1️⃣ cjf.gob.mx
2️⃣ cgi.com
3️⃣ magna.com
4️⃣ cendoj.ramajudicial.gov.co
5️⃣ rexel.com.cn
6️⃣ prenatalretailgroup.com
7️⃣ ol.na
8️⃣ telenav.cn
9️⃣ emilfrey.fr
1️⃣ 0️⃣ acninc.com