Security News > 2020 > July > New Mirai Variant Targets Vulnerability in Comtrend Routers
A newly identified version of the Mirai Internet of Things botnet includes an exploit for a vulnerability impacting Comtrend routers.
According to Trend Micro's security researchers, this is the first botnet version to target CVE-2020-10173, a vulnerability in the Comtrend VR-3033 routers.
The issue, an authenticated command injection vulnerability, could be exploited by remote attackers to "Compromise the network managed by the router," Trend Micro explains.
Proof-of-concept code has been publicly released for the vulnerability, but this Mirai variant is the first malware to attempt exploiting it at large.
The vulnerability impacting Comtrend routers, the researchers note, will likely be abused by other DDoS botnets, as they tend to copy techniques from one another.
News URL
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-05 | CVE-2020-10173 | OS Command Injection vulnerability in Comtrend Vr-3033 Firmware De11416Ssgc01R02.A2Pvi042J1.D26M Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m devices have Multiple Authenticated Command Injection vulnerabilities via the ping and traceroute diagnostic pages, as demonstrated by shell metacharacters in the pingIpAddress parameter to ping.cgi. | 8.8 |