Security News > 2020 > July > New Mirai Variant Targets Vulnerability in Comtrend Routers

New Mirai Variant Targets Vulnerability in Comtrend Routers
2020-07-13 18:20

A newly identified version of the Mirai Internet of Things botnet includes an exploit for a vulnerability impacting Comtrend routers.

According to Trend Micro's security researchers, this is the first botnet version to target CVE-2020-10173, a vulnerability in the Comtrend VR-3033 routers.

The issue, an authenticated command injection vulnerability, could be exploited by remote attackers to "Compromise the network managed by the router," Trend Micro explains.

Proof-of-concept code has been publicly released for the vulnerability, but this Mirai variant is the first malware to attempt exploiting it at large.

The vulnerability impacting Comtrend routers, the researchers note, will likely be abused by other DDoS botnets, as they tend to copy techniques from one another.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/VO4Yuu-3VeM/new-mirai-variant-targets-vulnerability-comtrend-routers

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-03-05 CVE-2020-10173 OS Command Injection vulnerability in Comtrend Vr-3033 Firmware De11416Ssgc01R02.A2Pvi042J1.D26M
Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m devices have Multiple Authenticated Command Injection vulnerabilities via the ping and traceroute diagnostic pages, as demonstrated by shell metacharacters in the pingIpAddress parameter to ping.cgi.
network
low complexity
comtrend CWE-78
8.8
8.8