An Interest In:
Web News this Week
- April 25, 2024
- April 24, 2024
- April 23, 2024
- April 22, 2024
- April 21, 2024
- April 20, 2024
- April 19, 2024
May 4, 2018 02:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/7IlbLewUS9Y/vulnerabilities-affecting-over-one-million-dasan-gpon-routers-are-now-under-attack
Vulnerabilities Affecting Over One Million Dasan GPON Routers Are Now Under Attack
Two vulnerabilities affecting over one million routers, and disclosed earlier this week, are now under attack by botnet herders, who are trying to gather the vulnerable devices under their control. From a report: Attacks started yesterday, Thursday, May 3, according to Netlab, the network security division of Chinese cyber-security vendor Qihoo 360. Exploitation of these two flaws started after on Monday, April 30, an anonymous researcher published details of the two vulnerabilities via the VPNMentor blog. His findings detail two flaws -- an authentication bypass (CVE-2018-10561) and a remote code execution vulnerability (CVE-2018-10562). The most ludicrous of these two flaws is the first, which basically allows anyone to access the router's internal settings by appending the "?images" string to any URL, effectively giving anyone control over the router's configuration.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/7IlbLewUS9Y/vulnerabilities-affecting-over-one-million-dasan-gpon-routers-are-now-under-attack
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot