Security News > 2024 > December > Hackers exploit Four-Faith router flaw to open reverse shells

Hackers exploit Four-Faith router flaw to open reverse shells

2024-12-30 18:03

Threat actors are exploiting a post-authentication remote command injection vulnerability in Four-Faith routers tracked as CVE-2024-12856 to open reverse shells back to the attackers. [...]

News URL

https://www.bleepingcomputer.com/news/security/hackers-exploit-four-faith-router-flaw-to-open-reverse-shells/

#exploit #hacker #router #CVE-2024-12856

Related news

Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised (source)
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet (source)
Hackers exploit OttoKit WordPress plugin flaw to add admin accounts (source)
Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell (source)
Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own (source)
Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics (source)
Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks (source)
Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks (source)
Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware (source)

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-27	CVE-2024-12856	The Four-Faith router models F3x24 and F3x36 are affected by an operating system (OS) command injection vulnerability.	0.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.