CVE-2024-53939

An issue was discovered in Victure RX1800 WiFi 6 Router software ENV1.0.0r12110933, hardware 1.0 devices. The /cgi-bin/luci/admin/opsw/Dualfrequnapple endpoint is vulnerable to command injection through the 2.4 GHz and 5 GHz name parameters, allowing an attacker to execute arbitrary commands on t...

Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit

The Glupteba botnet has been found to incorporate a previously undocumented Unified Extensible Firmware Interface UEFI bootkit feature, adding another layer of sophistication and stealth to the malware. "This bootkit can intervene and control the operating system boot process, enabling Glupteba t...

China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies

Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points to access the networks of various companies in the two countries. The attacks have been tied to a...

People's Republic of China-Linked Cyber Actors Hide in Router Firmware

Executive Summary The United States National Security Agency NSA, the U.S. Federal Bureau of Investigation FBI, the U.S. Cybersecurity and Infrastructure Security Agency CISA, the Japan National Police Agency NPA, and the Japan National Center of Incident Readiness and Strategy for Cybersecurity...

New HiatusRAT Malware Targets Business-Grade Routers to Covertly Spy on Victims

A never-before-seen complex malware is targeting business-grade routers to covertly spy on victims in Latin America, Europe, and North America at least since July 2022. The elusive campaign, dubbed Hiatus by Lumen Black Lotus Labs, has been found to deploy two malicious binaries, a remote access...

RomBuster - A Router Exploitation Tool That Allows To Disclosure Network Router Admin Password

RomBuster is a router exploitation tool that allows to disclosure network router admin password. Features Exploits vulnerabilities in most popular routers such as D-Link, Zyxel, TP-Link and Huawei. Optimized to exploit multiple routers at one time from list with threading enabled. Simple CLI and...

Router exploitation of the Stack Overflow entry for the ROP chain of the structure-vulnerability warning-the black bar safety net

DVRF of the Second Stack Overflow the program is stackbof2, this title and on the question of the differences is that this question does not give us the backdoor function, the need to construct their own shellcode to make the call. ! The README file also made a note, so the focus here is on the R...

Router exploitation of the Stack Overflow entry II-vulnerability warning-the black bar safety net

Foreword Finally, in learning MIPS vulnerability discovery process, to find a good drone platform The Damn Vulnerable Router Firmware Project Project address: https://github.com/praetorian-inc/DVRF The goal of this project is to simulate a real world environment to help people learn about other C...

UPDATED VERSION: RouterSploit 3.3.0

PenTestIT RSS Feed Since my last update, this router exploitation framework have gone through a lot of updates. This post is about RouterSploit 3.3.0 code named I Know You Were Trouble. We will also discuss changes made to and an earlier version 3.2.0 to maintain a chain with the hopes that I kee...

ThreatList: Biggest Attack Targets

DO NOT SET LIVE The biggest verticals targeted by hackers in 2018, so far, are Education, Retail, Biotechnology, Construction, and Nonprofit Organizations. According to researchers at eSentire, attackers zeroed in on exploit attempts against the Education vertical, targeting consumer-grade router...

Critical RCE Vulnerability Found in Over a Million GPON Home Routers

Overview: We conducted a comprehensive assessment on a number of GPON home routers. Many routers today use GPON internet, and we found a way to bypass all authentication on the devices CVE-2018-10561. With this authentication bypass, we were also able to unveil another command injection...

WMD (Weapon of Mass Destruction) - Python framework for IT security tools

This is a python tool with a collection of IT security software. The software is incapsulated in "modules". The modules does consist of pure python code and/or external third programs. Main functions 1 To use a module, run the command "use modulecall", e.g. "use apsniff", to activate the module. ...

REXT - Router Exploitation Toolkit

Small toolkit for easy creation and usage of various python scripts that work with embedded devices. core - contains most of toolkits basic functions databases - contains databases, like default credentials etc. interface - contains code that is being used for the creation and manipulation with...

rext

Router Exploitation Toolkit - REXT =============================...