Security News > 2024 > August > Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks
2024-08-29 11:05
A years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet. CVE-2024-7029 (CVSS score: 8.7), the vulnerability in question, is a "command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras that allows for remote code execution (RCE)," Akamai researchers Kyle
News URL
https://thehackernews.com/2024/08/unpatched-avtech-ip-camera-flaw.html
Related news
- whoAMI attacks give hackers code execution on Amazon EC2 instances (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- Botnet targets Basic Auth in Microsoft 365 password spray attacks (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- New Eleven11bot botnet infects 86,000 devices for DDoS attacks (source)
- Unpatched Edimax IP camera flaw actively exploited in botnet attacks (source)
- Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-02 | CVE-2024-7029 | Command Injection vulnerability in Avtech Avm1203 Firmware Commands can be injected over the network and executed without authentication. | 9.8 |