Recherche : [CVE-2024-40891]

Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers https://techcrunch.com/2025/02/05/router-maker-zyxel-tells-customers-to-replace-vulnerable-hardware-exploited-by-hackers/

05/02/2025 14:25:49

The Taiwanese hardware maker says it has no plans patch the flaws impacting legacy router models

Zyxel Telnet Vulnerabilities https://vulncheck.com/blog/zyxel-telnet-vulns

05/02/2025 14:24:01

VulnCheck and partner GreyNoise discovered Zyxel-related vulnerabilities being targeted in the wild. In this blog, VulnCheck describes the vulnerabilities CVE-2024-40891 and CVE-2025-0890.

Active Exploitation of Zero-day Zyxel CPE Vulnerability (CVE-2024-40891) https://www.greynoise.io/blog/active-exploitation-of-zero-day-zyxel-cpe-vulnerability-cve-2024-40891?is=09685296f9ea1fb2ee0963f2febaeb3a55d8fb1eddbb11ed4bd2da49d711f2c7

01/02/2025 10:25:11

After identifying a significant overlap between IPs exploiting CVE-2024-40891 and those classified as Mirai, the team investigated a recent variant of Mirai and confirmed that the ability to exploit CVE-2024-40891 has been incorporated into some Mirai strains.

‍GreyNoise is observing active exploitation attempts targeting a zero-day critical command injection vulnerability in Zyxel CPE Series devices tracked as CVE-2024-40891. At this time, the vulnerability is not patched, nor has it been publicly disclosed. Attackers can leverage this vulnerability to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration. At publication, Censys is reporting over 1,500 vulnerable devices online.

Liens par page

Filtres