Hundreds of thousands of IoT devices are likely to be attacked by vulnerabilities on the server
On Christmas Day, a vulnerability affecting web servers was embedded with hundreds of thousands of IoT devices, namely GoAhead, a web server created by Embedthis Software.
On its home page, Embedthis said that their products are currently being developed inside products of many big names like Comcast, Oracle, D-Link, ZTE, HP, Siemens, Canon .
This web server is quite popular with hardware manufacturers because it can run on a variety of devices, including IoT devices, routers, printers .
The GoAhead server is executing remote code
Researchers from Elttam have discovered how to execute remote code on GoAhead web server devices, vulnerabilities code number CVE-2017-17562. An attacker could exploit this vulnerability when CGI is enabled. This is a dynamic link program that allows communication between server and program quite popular.
Hundreds of thousands of IoT devices are capable of being attacked
About 500 thousand to 700 thousand devices affected
Elttam reported a bug to Embedthis and the company quickly released a patch. All versions of GoAhead before 3.6.5 are capable of being attacked, but errors are only validated on version 2.5.0.
Embedthis has done its work, but now everyone who has a GoAhead server must update it quickly. According to Shodan estimates, there are 500,000 to 700,000 devices on this list.
See more:
- Billions of devices are affected by the new Bluetooth attack
- Internet of Things - IoT or What is the universal connection network?
- Internet of Things - opportunities and challenges for businesses
You should read it
- Detects code execution vulnerabilities in WinRAR, noting more than 100 infringement cases
- Hundreds of HP printer models contain vulnerabilities that allow remote code execution attacks
- Microsoft expert discovered a series of serious code execution errors in IoT, OT devices
- Microsoft fixes a serious vulnerability that has existed for 17 years in Windows Server
- ProFTPD remote code execution vulnerability affects more than 1 million servers worldwide
- Microsoft Outlook RCE Vulnerability Can Sell For $400,000
- Release software to check DNS server vulnerabilities
- Adobe Flash Player has a serious zero-day vulnerability
May be interested
- Detecting high-risk vulnerabilities potentially affecting 1 million servers worldwidethe vulnerability allows an attacker to read configuration files of the application, steal passwords or api tokens, and even hijack the server.
- New Windows 11 problem: Self-created hundreds, thousands of empty foldersmany users report that windows 11 is creating hundreds to thousands of empty folders on its own in the system32 folder. it seems that windows 11 has inherited this problem from windows 10.
- Thousands of Apple ID accounts are leaked because an application's server has data leakstwo of teensafe's servers, the monitoring application allows parents to monitor their activity on android and ios devices, stored on the amazon cloud service with security issues.
- The virus attacked the United States, South Korea switched to destruction modeowners of thousands of 'zombie' computers participating in botnets attacked us and korean websites in the past week will have to 'taste pain'.
- 16 new security vulnerabilities can cause systems using Microsoft software to be attackedin addition to warnings about security vulnerabilities in pan-os being used to attack systems, in april, the department of information security (ministry of information and communications) also recommended that units pay attention to 16 high-impact vulnerabilities. , serious in microsoft products.
- An extremely dangerous vulnerability on Android phones allows bad guys to track users even when the phone is off the screencamera apps on android phones all have this flaw, which poses a threat to hundreds of millions of users.
- Hundreds of HP printer models contain vulnerabilities that allow remote code execution attackshp has issued security alerts for three critical vulnerabilities affecting hundreds of laserjet pro, pagewide pro, officejet, enterprise, large format, and deskjet printer models.
- Critical error on Apache Struts2 allows hackers to take over the web servernew researchers have discovered a remote code execution flaw in the apache struts open source web application framework, allowing an attacker to run malicious code on the server.
- Hundreds of thousands of Wifi manufactured from 2015 and earlier were attackedif you are using a wifi router, wifi extender or usb wifi made in 2015 or earlier, it may be time to ditch it and buy a new one. because your device is too old and can be hacked over the internet now.
- Detects many security vulnerabilities in Lenovo server infrastructurethere are a total of 9 different security holes found in lenovo's server infrastructure.