Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)

CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, cybersecurity company Greynoise has warned. Successful exploitation would allow attackers to execute arbitrary commands on affected devices, potentially leading to complete system compromise, network infiltration, and data exfiltration. “After identifying a significant overlap between IPs exploiting CVE-2024-40891 and those classified as Mirai, the team investigated a recent variant of Mirai … More → The post Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) appeared first on Help Net Security.
http://news.poseidon-us.com/THfZ2t

Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)

Like this:

Related

More Posts

Legit Security unveils root cause remediation capabilities to reduce AppSec risk

FBI wrestles with a spike in sexual misconduct claims and male-dominated culture

Senate confirms Zeldin to lead Environmental Protection Agency as Trump vows to cut climate rules

New training approach could help AI agents perform better in uncertain conditions

Materials can 'remember' a sequence of events in an unexpected way

New acoustic wave phenomenon discovered

Even quantum physics obeys the law of entropy

Robert F. Kennedy Jr. struggles to answer questions on Medicare and Medicaid at confirmation hearing

How JPMorgan Chase’s infrastructure chief keeps the AI engine humming

Oasis Scout empowers security teams to identify attacks on NHIs

Share this:

Like this:

Related

More Posts