Threat actors attempt to exploit a flaw in Four-Faith routers
Dec. 30, 2024, 3:55 p.m.
Description
A high-severity vulnerability (CVE-2024-12856) affecting Four-Faith router models F3x24 and F3x36 is being actively exploited. The flaw allows OS command injection if default credentials are used, potentially leading to unauthenticated remote code execution. Attackers have been observed leveraging this vulnerability to launch reverse shells for persistent access. Over 15,000 internet-facing devices are potentially at risk. The exploitation attempts have been linked to previous attacks on Four-Faith routers. No patches are currently available, and the vendor was notified on December 20, 2024. Users are advised to change default credentials and monitor for suspicious activities.
Date
Published: Dec. 28, 2024, 12:12 p.m.
Created: Dec. 28, 2024, 12:12 p.m.
Modified: Dec. 30, 2024, 3:55 p.m.
Attack Patterns
T1021
T1190
T1133
T1078
T1059