2014, Authentication, Firewall and Firmware

2014

Authentication

Firewall

Firmware

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs

FEBRUARY 18, 2020

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. An attacker could exploit the lack of checks to execute malicious firmware and perform malicious actions on both Windows and Linux systems, such as the installation of persistent backdoors.

Firmware

Firmware Hacking Authentication Advertising

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall

Firewall VPN Firmware Internet

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Security Affairs

JANUARY 20, 2020

An attacker with this key can successfully authenticate as this user to the FortiSIEM Supervisor.” While the user’s shell is limited to running the /opt/phoenix/ phscripts /bin/ tunnelshell script, SSH authentication still succeeds.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Authentication

Authentication Firmware Advertising Firewall

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

SonicWall warns users of “imminent ransomware campaign”

Malwarebytes

JULY 15, 2021

The exploitation targets a known vulnerability that has been patched in newer versions of SonicWall firmware. x versions of the firmware. x firmware. x firmware versions. SSL-VPN 200/2000/400 (EOL 2013/2014) disconnect immediately and reset passwords. SMA 210/410/500v (Actively Supported) update firmware to 9.0.0.10-28sv

Ransomware

Ransomware Firmware VPN Firewall

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

CyberSecurity Insiders

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier. NETGEAR DGN2200 devices with firmware through 10.0.0.50. Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.2, Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 7)C0 NAS520 before firmware V5.21(AASZ.3)C0 CVE-2014-2321.

Malware

Malware IoT Firmware Authentication

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

Unlike other printer management protocols, the IPP protocol supports multiple security features, including authentication and encryption, but evidently organizations don’t use them. “Obviously, these counts only represent devices that are not firewalled and allow direct querying over the IPv4 Internet.”

Internet

Internet Internet Firmware Advertising

Zyxel addresses Zero-Day vulnerability in NAS devices

Security Affairs

FEBRUARY 25, 2020

. “Multiple ZyXEL network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device.” “ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. and earlier.

Authentication

Authentication Advertising Firmware Internet

Google developer disclosed Zero-Day flaw in TP-Link SR20 Routers

Security Affairs

MARCH 29, 2019

The expert explained that the TP-Link Device Debug Protocol (TDDP) allows running two types of commands on the device: type 1 which do not require authentication and type 2 which requires administrator credentials. While TDDP listens on all interfaces, the default firewall implemented in the routers prevents network access.

Advertising

Advertising Firmware Firewall Authentication

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

The list of flaws includes OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, and Use of Hard-coded Credentials. “Prima Systems FlexAir, Versions 2.3.38

Backups

Backups Authentication Advertising Firmware

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected

Security Affairs

AUGUST 14, 2018

. “In this paper, we show that reusing a key pair across different versions and modes of IKE can lead to cross-protocol authentication bypasses, enabling the impersonation of a victim host or network by attackers. We exploit a Bleichenbacher oracle in an IKEv1 mode, where RSA encrypted nonces are used for authentication.”

Encryption

Encryption Authentication Internet Internet

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Security Affairs

FEBRUARY 3, 2020

“ SonicWall Capture Labs Threat Research team observe huge hits on our firewalls that attempt to exploit the command injection vulnerability with the below HTTP request.” This unauthenticated remote command injection vulnerability affects Linear eMerge E3 access control systems running firmware versions 1.00-06

DDOS

DDOS Hacking Internet Internet

BotenaGo strikes again – malware source code uploaded to GitHub

CyberSecurity Insiders

JANUARY 26, 2022

Maintain minimal exposure to the Internet on Linux servers and IoT devices and use a properly configured firewall. Install security and firmware upgrades from vendors, as soon as possible. 2830690: ETPRO EXPLOIT GPON Authentication Bypass Attempt (CVE-2018-10561). 2032077: ET EXPLOIT ZTE Cable Modem RCE Attempt (CVE-2014-2321).

Malware

Malware IoT Authentication Antivirus

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Security Affairs

OCTOBER 20, 2018

Meaning, authentication bypasses weren’t enough. CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. . It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. Firmware Analysis. Summary of Our Findings.

Firmware

Firmware IoT VPN Authentication

Cyber Security Informer

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Webinars

Trending Sources

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Webinars

SonicWall warns users of “imminent ransomware campaign”

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

A daily average of 80,000 printers exposed online via IPP

Zyxel addresses Zero-Day vulnerability in NAS devices

Google developer disclosed Zero-Day flaw in TP-Link SR20 Routers

CISA warns of critical flaws in Prima FlexAir access control system

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

BotenaGo strikes again – malware source code uploaded to GitHub

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Stay Connected