Security News > 2020 > September > Critical Vulnerabilities Expose MoFi Routers to Remote Attacks
2020-09-08 08:45
Routers made by MoFi Network are affected by several vulnerabilities, including critical flaws that can be exploited to remotely hack a device.
Some of the vulnerabilities can allow an unauthenticated, remote attacker who has access to this web interface to take complete control of the targeted router.
Some of the critical vulnerabilities can be exploited to authenticate on a device using hardcoded or weak credentials.
"The initial critical vulnerabilities have been patched," Mirch told SecurityWeek.
US-CERT was informed about the vulnerabilities on June 10 and it may have asked some ISPs to prevent remote access to their customers' routers.
News URL
Related news
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- Juniper patches critical auth bypass in Session Smart routers (source)
- CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack (source)
- GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks (source)
- GitLab patches critical authentication bypass vulnerabilities (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)
- Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)