Security News > 2025 > May > ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices

ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices
2025-05-23 12:49

Cybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84 countries and turned them into a honeypot-like network. The threat actor has been observed exploiting a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers (CVE-2023-20118) to corral them into


News URL

https://thehackernews.com/2025/05/vicioustrap-uses-cisco-flaw-to-build.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-04-13 CVE-2023-20118 Command Injection vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets.
network
low complexity
cisco CWE-77
7.2
7.2

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2048 21 1790 1683 288 3782