Default configurations of Fortinet s FortiGate VPN appliance could open organizations to man-in-the-middle (MitM) attacks, according to researchers. A Shodan search turned up more than 230,000 vulnerable appliances using the VPN functionality, researchers found. A full 88 percent, or more than 200,000 businesses, are using the default configuration and can be easily breached in an MitM attack. Fortinet does not consider the issue to be a vulnerability, because users have the ability to manually replace the certificate in order to secure their connections.
Source: https://threatpost.com/fortigate-vpn-default-config-mitm-attacks/159586/