Tag: router

3 Attack Reports | 0 Vulnerabilities

Attack reports

Mirai Bot now incorporating (malformed?) DrayTek Vigor Router Exploits

A report details the incorporation of exploits targeting DrayTek Vigor routers into the Mirai botnet. Previously disclosed vulnerabilities affecting approximately 700,000 devices are being exploited, with attacks focusing on the 'keyPath' and 'cvmcfgupload' parameters. A curious spike in malformed …
exploit
vulnerability
iot
botnet
router
mirai
firmware
2025-03-17
vigor
draytek
Published: March 17, 2025
Downloadable IOCs: 3

Threat actors attempt to exploit a flaw in Four-Faith routers

A high-severity vulnerability (CVE-2024-12856) affecting Four-Faith router models F3x24 and F3x36 is being actively exploited. The flaw allows OS command injection if default credentials are used, potentially leading to unauthenticated remote code execution. Attackers have been observed leveraging …
vulnerability
router
reverse shell
CVE-2024-12856
2024-12-28
four-faith
Published: December 28, 2024
Downloadable IOCs: 0

New Goldoon Botnet Targeting D-Link Devices

In April 2024, FortiGuard Labs observed a new botnet exploiting a nearly decade-old D-Link vulnerability to take control of devices and incorporate them into a botnet used to launch attacks. The malware, named Goldoon, establishes persistence and connects to a C2 server to receive commands, includi…
linux
ddos
2024-05-03
iot
botnet
router
CVE-2015-2051
goldoon
Published: May 3, 2024
Linked vulnerabilities : CVE-2015-2051
Downloadable IOCs: 24
Click here to see more Attack Reports