FortiRecon
FortiRecon is a digital risk protection (DRP) service that allows customers to gain visibility of their digital attack surface, receive targeted threat intelligence, and reduce organisational risk.
mkoser
Staff
Article Id 241366

 

FortiRecon provides outside-in coverage of the risks facing customers.

 

External Attack Surface Management (EASM) helps customers identify exposed known and unknown enterprise assets and their associated vulnerabilities across the enterprise.

 

The Vulnerability Intelligence module under Adversary Centric Intelligence (ACI) provides a realistic view of a vulnerability's impact, based on chatter and discussion about it across various external sources such as the dark web, social media, and news and blogs.

CVE ID

CVE-2014-8361

CVE Title

D-Link Realtek SDK miniigd SOAP service code execution

CVE Severity

Critical

ACI Reporting Coverage

4 Reports (TECHINT)

Additional References

  • 2 Darknet mentions for this vulnerability.
  • 1 article referencing this CVE on security blog.
  • 2 articles referencing possibly working exploit(s) for this vulnerability.
  • 196 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2017-17106

CVE Title

Zivif PR115-204-P-RS security bypass

CVE Severity

High

ACI Reporting Coverage

2 Reports (TECHINT)

Additional References

  • 1 article referencing this CVE on security blog.
  • 1 article referencing possibly working exploit(s) for this vulnerability.
  • 4 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2017-17215

CVE Title

Huawei Router HG532 SOAP protocol command execution

CVE Severity

High

ACI Reporting Coverage

8 Reports (TECHINT/OSINT)

Additional References

  • 10 Darknet mentions for this vulnerability.
  • 1 article referencing this CVE on security blog.
  • 1 article referencing possibly working exploit(s) for this vulnerability.
  • 4 public code repositories containing possible POC exploits for this vulnerability.
  • 302 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2018-12613

CVE Title

phpMyAdmin file include

CVE Severity

High

ACI Reporting Coverage

2 Reports (TECHINT)

Additional References

  • 1 Darknet mention for this vulnerability.
  • 2 articles referencing this CVE on security blogs.
  • 8 articles referencing possibly working exploit(s) for this vulnerability.
  • 4 public code repositories containing possible POC exploits for this vulnerability.
  • 39 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2020-10987

CVE Title

Tenda AC15 AC1900 devices command execution

CVE Severity

High

ACI Reporting Coverage

7 Reports (TECHINT/Media)

Additional References

  • 3 Darknet mentions for this vulnerability.
  • 3 articles referencing this CVE on security blogs.
  • 18 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2020-25506

CVE Title

D-Link DNS-320 command execution

CVE Severity

Medium

ACI Reporting Coverage

5 Reports (TECHINT)

Additional References

  • 1 article referencing this CVE on security blog.
  • 4 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2021-35395

CVE Title

Realtek Jungle SDK buffer overflow

CVE Severity

High

ACI Reporting Coverage

3 Reports (TECHINT)

Additional References

  • 2 articles referencing this CVE on security blogs.
  • 25 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2021-36260

CVE Title

Multiple Hikvision products command execution

CVE Severity

Critical

ACI Reporting Coverage

3 Reports (TECHINT)

Additional References

  • 4 articles referencing this CVE on security blogs.
  • 3 articles referencing possibly working exploit(s) for this vulnerability.
  • 6 public code repositories containing possible POC exploits for this vulnerability.
  • 52 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2021-46422

CVE Title

Telesquare SDT-CW3B1 command execution

CVE Severity

Critical

ACI Reporting Coverage

3 Reports (TECHINT)

Additional References

  • 1 article referencing this CVE on security blog.
  • 4 articles referencing possibly working exploit(s) for this vulnerability.
  • 13 public code repositories containing possible POC exploits for this vulnerability.
  • 9 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2022-1388

 

CVE Title

F5 BIG-IP Missing Authentication Vulnerability

CVE Severity

High

ACI Reporting Coverage

14 Reports (OSINT, TECHINT, Media, Darknet)

Additional References

  • 14 articles referencing this CVE on security blogs.
  • 4 articles referencing possibly working exploit(s) for this vulnerability.
  • 64 public code repositories containing possible POC exploits for this vulnerability. 
  • 491 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2022-22965

CVE Title

Spring Framework JDK 9+ Remote Code Execution Vulnerability (Spring4Shell)

CVE Severity

High

ACI Reporting Coverage

16 Reports (OSINT, TECHINT, Media, Darknet)

Additional References

  • 1 Darknet mention for this vulnerability.
  • 32 articles referencing this CVE on security blogs.
  • 2 articles referencing possibly working exploit(s) for this vulnerability.
  • 80 public code repositories containing possible POC exploits for this vulnerability. 
  • 403 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2022-25075

CVE Title

Command injection vulnerability in TOTOLink A3000RU Router

CVE Severity

Medium

ACI Reporting Coverage

7 Reports (TECHINT/OSINT)

Additional References

  • 2 articles referencing this CVE on security blogs.
  • 2 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2022-26186

CVE Title

Command injection vulnerability in TOTOLINK N600R Router

CVE Severity

Medium

ACI Reporting Coverage

4 Reports (TECHINT)

Additional References

  • 1 article referencing this CVE on security blogs.
  • 7 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2022-26210

CVE Title

Command injection vulnerability in Totolink A830R Router

CVE Severity

Medium

ACI Reporting Coverage

4 Reports (TECHINT)

Additional References

  • 1 article referencing this CVE on security blogs.
  • 3 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2022-34538

CVE Title

Command injection vulnerability in Digital Watchdog DW MEGApix IP cameras

CVE Severity

Low

ACI Reporting Coverage

3 Reports (TECHINT)

Additional References

  • 1 article referencing this CVE on security blogs.
  • 2 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2022-37061

CVE Title

Remote Command Injection in FLIR AX8 thermal sensor cameras

CVE Severity

High

ACI Reporting Coverage

3 Reports (TECHINT)

Additional References

  • 2 articles referencing this CVE on security blogs.
  • 2 articles referencing possibly working exploit(s) for this vulnerability.
  • 5 mentions on social media for this vulnerability.

EASM Scanner

No

 

CVE ID

CVE-2022-30525

CVE Title

Multiple Zyxel devices command execution

CVE Severity

Critical

ACI Reporting Coverage

12 Reports (OSINT, TECHINT, Media, Darknet)

Additional References

  • 9 articles referencing this CVE on security blogs.
  • 4 articles referencing possibly working exploit(s) for this vulnerability.
  • 16 public code repositories containing possible POC exploits for this vulnerability. 
  • 79 mentions on social media for this vulnerability.

EASM Scanner

No
