Two-step attack seen on core systems
Researchers are warning owners of fiber routers to keep a close eye on their gear and check for firmware updates following the discovery an in-the-wild zero-day attack.
The team of Yanlong Ma, Genshen Ye, Lingming Tu, Ye Jin at 360 Netlab say that for more than two months it has been tracking active attacks on what it says is a two-part remote code execution attack being used to infect the networking gear from multiple vendors.
The exploit results in the attacker getting total control of the vulnerable Netlink Gigabit Passive Optical Networks routers and at least eight other OEMs. One of the steps, detailed by Exploit-db, is known to cause remote command execution.
Support the originator by clicking the read the rest link below.
