Attribute | Details |
---|---|
Threat Actors | Not specified |
Campaign Overview | Cisco Talos discovered vulnerabilities in MC Technologies LR Router and the GoCast service. |
Target Regions | Global, affecting users with MC Technologies routers and GoCast services. |
Methodology | OS command injection vulnerabilities, authentication flaws, and exploitation via web interfaces and APIs. |
Product Targeted | MC Technologies LR Router, GoCast service. |
Malware Reference | Not mentioned. Focus on OS command injection and authentication exploitation. |
Tools Used | Exploited via authenticated HTTP requests, web interfaces, GoCast HTTP API interactions. |
Vulnerabilities Exploited | MC Technologies: TALOS-2024-1953 (CVE-2024-28025 to CVE-2024-28027), TALOS-2024-1954 (CVE-2024-21786). GoCast: TALOS-2024-1962 (CVE-2024-21855), TALOS-2024-1960 (CVE-2024-28892), TALOS-2024-1961 (CVE-2024-29224). |
TTPs | OS command injection, exploitation through authentication bypass, API interactions, web interface manipulation. |
Attribution | Discovered by Cisco Talos (Matt Wiseman for MC Technologies, Edwin Molenaar, Matt Street for GoCast). |
Recommendations | No patch available at the time, use Snort coverage for detection, download latest rule sets from Snort.org, check Talos Intelligence advisories. |
Source | Cisco Talos blog |
Read full article: https://blog.talosintelligence.com/mc-lr-router-and-gocast-zero-day-vulnerabilities-2/
Disclaimer: The above summary has been generated by an AI language model
Leave a Reply