Vulnerability Exploits

15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials

The latest news on the Four-Faith router exploit CVE-2024-12856, an OS command injection vulnerability, is as follows:

CVE-2024-12856 Exploitation:

Vulnerability Details: VulnCheck has discovered that a new vulnerability affecting Four-Faith industrial routers has been exploited in the wild. The vulnerability, tracked as CVE-2024-12856, is an OS command injection flaw1 5.
Severity: The vulnerability is rated as critical, with a CVSS score of 9.3 out of a maximum of 10, indicating high severity5.
Exploitation: There is evidence that this vulnerability has been exploited in real-world attacks, highlighting the need for immediate action to secure affected systems1 5.

Default Credentials Security Flaws:

General Issue: Many routers, including those from Four-Faith, often come with default credentials that are not changed by users. This lack of password change leaves these devices vulnerable to exploitation by attackers3.
Specific to Four-Faith: The specific vulnerability CVE-2024-12856 is not directly related to default credentials, but the broader issue of default credentials being left unchanged is a common security flaw that can be exploited by attackers to gain access to routers and other network devices1 3.

Recommendations:

Update Firmware: Users are advised to update their firmware to the latest version to address this vulnerability. Regular firmware updates are crucial for fixing security vulnerabilities and improving router security3 5.
Change Default Credentials: It is essential to change default credentials to strong, unique passwords to prevent unauthorized access. This simple step can significantly enhance the security of network devices3.

In summary, the CVE-2024-12856 vulnerability in Four-Faith industrial routers is a critical OS command injection flaw that has been exploited in the wild. Users must update their firmware and change default credentials to secure their devices against such attacks.

Vulnerable Moxa devices expose industrial networks to attacks

Latest News on Moxa Devices Vulnerabilities Moxa Security Advisory: CVE-2024-9138 and CVE-2024-9140 Moxa, a leading provider of industrial networking and communication solutions, has issued a security advisory regarding two critical vulnerabilities affecting their cellular routers, secure routers, and network security appliances1. The vulnerabilities, identified as CVE-2024-9138 and CVE-2024-9140, have a

Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution

A high-severity security flaw, tracked as CVE-2024-43405, has been disclosed in ProjectDiscovery's Nuclei, a widely-used open-source vulnerability scanner. This vulnerability allows attackers to bypass signature checks and potentially execute malicious code13. Key Highlights: * Vulnerability Description: The vulnerability stems from a discrepancy between how the signature verification process and

LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers

The latest news on the LDAP vulnerability PoC exploit, specifically CVE-2024-49112, involves a critical remote code execution (RCE) flaw in Windows Lightweight Directory Access Protocol (LDAP) clients. Here are the key details: CVE-2024-49112 Overview Vulnerability Description: CVE-2024-49112 is a critical vulnerability in Windows LDAP clients that allows remote code execution.

Read next