Security News > 2024 > August > Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks
2024-08-29 11:05
A years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet. CVE-2024-7029 (CVSS score: 8.7), the vulnerability in question, is a "command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras that allows for remote code execution (RCE)," Akamai researchers Kyle
News URL
https://thehackernews.com/2024/08/unpatched-avtech-ip-camera-flaw.html
Related news
- Unpatched Edimax IP camera flaw actively exploited in botnet attacks (source)
- Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year (source)
- New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)
- Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)
- Russian hackers attack Western military mission using malicious drive (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Hackers abuse Zoom remote control feature for crypto-theft attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-02 | CVE-2024-7029 | Command Injection vulnerability in Avtech Avm1203 Firmware Commands can be injected over the network and executed without authentication. | 9.8 |