## https://sploitus.com/exploit?id=1215FBF6-6710-5C02-8901-A153FBDEBE6F
# fortios-ldap-mitm-poc-CVE-2019-5591
The default configuration of LDAP on FortiOS v6.0.x to v6.2.0 does not check server identity for LDAP/S leading to MITM attacks. This PoC demos full exfiltration of credentials sent on the local subnet to an LDAP server that is easily impersonated.