Security News > 2024 > August > Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal
The SANS Internet Storm Center published a report showing how the open-source ERP framework OFBiz is currently the target of new varieties of the Mirai botnet.
The update fixed a directory traversal vulnerability that could lead to remote command execution.
CISA pointed out that they are currently tracking 55 directory traversal vulnerabilities as part of the "Known Exploited Vulnerabilities" catalog.
For OFBiz, the directory traversal is easily triggered by inserting a semicolon.
This weekend, these sensors detected a significant increase in attempts to exploit CVE-2024-32213, the OFBiz mentioned above directory traversal vulnerability, which was immediately picked up by the "First Seen" report.
With the vulnerability announcement in May, we have been waiting for some scans to take advantage of the OFBiz vulnerability.
News URL
https://thehackernews.com/2024/08/mirai-botnet-targeting-ofbiz-servers.html
Related news
- New Mirai botnet targets industrial routers with zero-day exploits (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices (source)
- Mirai botnet behind the largest DDoS attack to date (source)
- Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-01 | CVE-2024-32213 | The LoMag WareHouse Management application version 1.0.20.120 and older were found to allow weak passwords. | 0.0 |