{"uuid": "b8f1824e-7178-4215-b2ba-4338e232a1e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/club31337/3227", "content": "Belsen Group leaked 15k+ FortiGate VPN accounts including configuration files and VPN passwords likely obtained via exploitation of CVE-2022-40684 impacting FortiGate 7.x and 7.2.x devices.\n\nAlthough unconfirmed, it is likely that this threat group has been operating privately since 2022, given the age of the data and the nature of the vulnerability, and is only now sharing this data publicly.\n\nFor research purposes a GitHub repository was created including all affected IPs. \n\nWe do not recommend using the original download link:\n\nbelsenacdodoy3nsmmyjfmtgjen6ipaqkti7dm2q57vabjx2vzq6tnad.onion/files/FortiGate.zip\n\n\ud83d\udcbe It feels like you\u2019re back in 200x downloading data using GPRS on a Windows 98 machine \ud83e\udd26\ud83c\udffc\u200d\u2640\ufe0f\n\nDownload:\nhttps://mega.nz/file/wDhQEC5Y#OctAHTwgv57eRbEc3nvPRb53aX5vxXFIW1HopceZXUI\n\n@club31337", "creation_timestamp": "2025-01-22T05:44:48.000000Z"}