CVE-2019-17215

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. There is no bruteforce protection e.g., lockout established. An attacker might be able to bruteforce the password to authenticate on the device...

Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks

A years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet. CVE-2024-7029 CVSS score: 8.7, the vulnerability in question, is a "command injection vulnerability found in the brightness function of AVTECH closed-circui...

New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks

A new Golang-based botnet dubbed HinataBot has been observed to leverage known flaws to compromise routers and servers and use them to stage distributed denial-of-service DDoS attacks. "The malware binaries appear to have been named by the malware author after a character from the popular anime...

New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks

A new Golang-based botnet dubbed HinataBot has been observed to leverage known flaws to compromise routers and servers and use them to stage distributed denial-of-service DDoS attacks. "The malware binaries appear to have been named by the malware author after a character from the popular anime...

Exploit for Improper Input Validation in Huawei Hg532_Firmware

HG532d RCE Exploit Overview A Remote Code Execution RCE...

CVE-2019-17215

CVE-2019-17215 affects V-Zug Combi-Steam MSLQ devices prior to Ethernet R07 and WLAN R05. The root cause is the absence of bruteforce protection (e.g., account lockout), allowing an attacker to brute-force passwords to authenticate on the device. Documented impact is unauthorized access via passw...

CVE-2018-17215

Postman (standalone) up to version 6.3.0 contains an information-disclosure vulnerability due to improper X.509 certificate validation. When a certificate is invalid, Postman still sends the associated HTTPS request data; however, only the response is suppressed from display. This can allow a man...

Postman 6.3.0 Improper Certificate Validation Vulnerability

Exploit for hardware platform in category web applications Product: Postman standalone Manufacturer: Postman Affected Versions: 6.3.0 and older Tested Versions: 6.2.2 x64 Windows and Linux, 6.3.0 Vulnerability Type: Improper Certificate Validation CWE-295 Risk Level: Medium Solution Status: Open...

CVE-2017-17215

Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead to the remote execution of arbitrary code...

CVE-2017-17215

CVE-2017-17215 is a Huawei HG532/HG532u series router remote code execution vulnerability. An authenticated attacker can send crafted packets to port 37215 to trigger upnp-related logic and execute arbitrary code. Public discussions and malware analyses (including HG532/ HG532e modifications and ...

CVE-2017-17215

Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead to the remote execution of arbitrary code. Recent assessments: Assessed Attacker Value: 0...

JenX Botnet Has Grand Theft Auto Hook

Researchers at Radware have discovered a new botnet that uses vulnerabilities linked with the Satori botnet and is leveraging the Grand Theft Auto videogame community to infect IoT devices. Satori is a derivative of Mirai, the notorious botnet that in 2016 infamously managed to take down Dyn, a D...

CVE-2017-17215

creationtimestamp| type| source ---|---|--- 2018-01-02 09:34:49+00:00| published-proof-of-concept| https://t.me/HackerOne/1495 2018-07-20 14:59:33+00:00| exploited| https://t.me/SecLabNews/2714 2018-07-23 12:57:52+00:00| seen| MISP/5b55778d-33a8-4659-8109-1b49c30d0daa 2018-09-20 17:30:07+00:00|...

Code Used in Zero Day Huawei Router Attack Made Public

Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. Researchers warn the code will quickly become a commodity and be leveraged in DDoS attacks via botnets such as Reaper or...

Satori IoT Botnet Exploits Zero-Day to Zombify Huawei Routers

Although the original creators of the infamous IoT malware Mirai have already been arrested and sent to jail, the variants of the notorious botnet are still in the game due to the availability of its source code on the Internet. Hackers have widely used the infamous IoT malware to quietly amass a...

Huawei Router Vulnerability Used to Spread Mirai Variant

Researchers have identified a vulnerability in a Huawei home router model that is being exploited by an adversary to spread a variant of the Mirai malware called Mirai Okiru, also known as Satori. Researchers at Check Point published a report Thursday, and said the flaw is in Huawei’s router mode...

VulnCheck KEV: CVE-2017-17215

Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead to the remote execution of arbitrary code...

Huawei HG532 Router Remote Code Execution (CVE-2017-17215)

A remote code execution vulnerability exists in Huawei HG532 Routers. A remote attacker can exploit this weakness to execute arbitrary code in the affected router via a crafted request...