Security News > 2024 > December > 15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials
2024-12-28 06:25
A high-severity flaw impacting select Four-Faith routers has come under active exploitation in the wild, according to new findings from VulnCheck. The vulnerability, tracked as CVE-2024-12856 (CVSS score: 7.2), has been described as an operating system (OS) command injection bug affecting router models F3x24 and F3x36. The severity of the shortcoming is lower due to the fact that it only works
News URL
https://thehackernews.com/2024/12/15000-four-faith-routers-exposed-to-new.html
Related news
- Mirai Variant Murdoc_Botnet Exploits AVTECH IP Cameras and Huawei Routers (source)
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
- Clone2Leak attacks exploit Git flaws to steal credentials (source)
- Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-27 | CVE-2024-12856 | The Four-Faith router models F3x24 and F3x36 are affected by an operating system (OS) command injection vulnerability. | 0.0 |