📄 Router Fingerprint / Command Injection Scanner

This Metasploit module targets multiple IoT routers by automatically fingerprinting the device vendor and attempting to exploit command injection vulnerabilities. The module sends an HTTP request to identify the router manufacturer by analyzing response headers and page content. Once the vendor i...

Actors, Threats and Vulnerabilities 29 May to 4 June 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, three attacks were executed, taking advantage of two different vulnerabilities in various systems, and involving one...

A New RAT Named GobRAT Targeting Linux Routers in Japan

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary GobRAT, a new RAT, is infecting Linux routers in Japan through vulnerable web interfaces, granting attackers remote control and the ability to execute commands. To receive real-time threat advisories,...

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

Linux routers in Japan are the target of a new Golang remote access trojan RAT called GobRAT. "Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT," the JPCERT Coordination Center JPCERT/CC...

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

Linux routers in Japan are the target of a new Golang remote access trojan RAT called GobRAT. "Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT," the JPCERT Coordination Center JPCERT/CC...