"Recent Zyxel NAS Vulnerability Exploited by Botnet"
The Shadowserver Foundation warns that botnet attacks are exploiting a recently disclosed critical-severity vulnerability in discontinued Zyxel NAS devices. The code injection flaw can be exploited remotely without authentication. An attacker can exploit it by sending crafted HTTP POST requests to a vulnerable device for Remote Code Execution (RCE). Recently, the Shadowserver Foundation reported the first exploitation attempts by a Mirai-like botnet. This article continues to discuss the Mirai-like botnet exploiting a critical-severity vulnerability in discontinued Zyxel NAS products.
SecurityWeek reports "Recent Zyxel NAS Vulnerability Exploited by Botnet"
Submitted by grigby1
Submitted by Gregory Rigby
on