Tag: CVE-2024-12856

3 Attack Reports | 1 Vulnerabilities

Attack reports

RondoDox Unveiled: Breaking Down a New Botnet Threat

A new botnet called RondoDox has been discovered, exploiting two high-risk vulnerabilities: CVE-2024-3721 and CVE-2024-12856. It targets Linux-based systems on various architectures, including ARM and MIPS. RondoDox uses sophisticated evasion techniques, such as XOR-encoded configuration data, cust…
linux
evasion
persistence
ddos
botnet
vulnerabilities
CVE-2024-12856
CVE-2024-3721
2025-07-16
traffic mimicry
rondodox
Published: July 16, 2025
Downloadable IOCs: 35

Gayfemboy: A Botnet Deliver Through a Four-Faith Industrial Router 0-day Exploit.

The Gayfemboy botnet, discovered in February 2024, has evolved from a simple Mirai derivative into a sophisticated large-scale botnet. It exploits a 0-day vulnerability in Four-Faith industrial routers and unknown vulnerabilities in other devices to spread. With over 15,000 daily active nodes acros…
ddos
botnet
CVE-2024-12856
four-faith
2025-01-08
0-day
gayfemboy
industrial-router
Published: January 8, 2025
Linked vulnerabilities : CVE-2024-8956 (CVSS 9.1), CVE-2024-8957 (CVSS 9.8), CVE-2024-12856 (CVSS 7.2), CVE-2013-7471
Downloadable IOCs: 56

Threat actors attempt to exploit a flaw in Four-Faith routers

A high-severity vulnerability (CVE-2024-12856) affecting Four-Faith router models F3x24 and F3x36 is being actively exploited. The flaw allows OS command injection if default credentials are used, potentially leading to unauthenticated remote code execution. Attackers have been observed leveraging …
vulnerability
router
reverse shell
CVE-2024-12856
2024-12-28
four-faith
Published: December 28, 2024
Downloadable IOCs: 0
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-12856

7.2
    Four-Faith router F3x24
    Four-Faith router F3x36
Published: December 27, 2024
Click here to see more Vulnerabilities