Hundreds of thousands of IoT devices are likely to be attacked by vulnerabilities on the server
On Christmas Day, a vulnerability affecting web servers was embedded with hundreds of thousands of IoT devices, namely GoAhead, a web server created by Embedthis Software.
On its home page, Embedthis said that their products are currently being developed inside products of many big names like Comcast, Oracle, D-Link, ZTE, HP, Siemens, Canon .
This web server is quite popular with hardware manufacturers because it can run on a variety of devices, including IoT devices, routers, printers .
The GoAhead server is executing remote code
Researchers from Elttam have discovered how to execute remote code on GoAhead web server devices, vulnerabilities code number CVE-2017-17562. An attacker could exploit this vulnerability when CGI is enabled. This is a dynamic link program that allows communication between server and program quite popular.
Hundreds of thousands of IoT devices are capable of being attacked
About 500 thousand to 700 thousand devices affected
Elttam reported a bug to Embedthis and the company quickly released a patch. All versions of GoAhead before 3.6.5 are capable of being attacked, but errors are only validated on version 2.5.0.
Embedthis has done its work, but now everyone who has a GoAhead server must update it quickly. According to Shodan estimates, there are 500,000 to 700,000 devices on this list.
See more:
- Billions of devices are affected by the new Bluetooth attack
- Internet of Things - IoT or What is the universal connection network?
- Internet of Things - opportunities and challenges for businesses
You should read it
- Detects code execution vulnerabilities in WinRAR, noting more than 100 infringement cases
- Hundreds of HP printer models contain vulnerabilities that allow remote code execution attacks
- Microsoft expert discovered a series of serious code execution errors in IoT, OT devices
- Microsoft fixes a serious vulnerability that has existed for 17 years in Windows Server
- ProFTPD remote code execution vulnerability affects more than 1 million servers worldwide
- Microsoft Outlook RCE Vulnerability Can Sell For $400,000
- Release software to check DNS server vulnerabilities
- Adobe Flash Player has a serious zero-day vulnerability
May be interested
- VNCERT warns Internet users in Vietnam to change their email and Facebook passwords immediatelya large number of accounts use e-mail, passwords of social networking sites and online services leaked worldwide.
- The handler for hackers attacking the corporate network is the company's employeesthe habit of using the internet at work to surf the web, do personal things like receiving and sending sensitive information or not privacy to social network accounts is the leading cause of data security issues. the company's coming with external threats.
- Check email with password leaked by the Information Security websiteafter the 1.4 billion email accounts were leaked, the department of information security - ministry of information and communications has built a website https://khonggianmang.vn that allows users to check email accounts. whether or not my will be revealed.
- The Chrome gadget secretly exploits virtual money, making it slowaccording to windows latest, after installing archive poster, an extension (extension) to support tumblr social network on google chrome browser, it will run in the background and secretly use computer resources to dig up monero causing the computer to run slowly.
- Serious security vulnerability on Intel chipseither leave the hole or install the patch to make it slower. how to choose it depends on you.
- A serious vulnerability on phpMyAdmin allows an attacker to destroy the databasea serious security vulnerability on phpmyadmin - one of the most popular mysql database management software will harm the database when the tricked administrator clicks on the link.