Press ESC to close

MC LR Router and GoCast unpatched vulnerabilities

Attribute Details
Threat Actors Not specified 
Campaign Overview Cisco Talos discovered vulnerabilities in MC Technologies LR Router and the GoCast service.
Target Regions Global, affecting users with MC Technologies routers and GoCast services.
Methodology OS command injection vulnerabilities, authentication flaws, and exploitation via web interfaces and APIs.
Product Targeted MC Technologies LR Router, GoCast service.
Malware Reference Not mentioned. Focus on OS command injection and authentication exploitation.
Tools Used Exploited via authenticated HTTP requests, web interfaces, GoCast HTTP API interactions.
Vulnerabilities Exploited MC Technologies: TALOS-2024-1953 (CVE-2024-28025 to CVE-2024-28027), TALOS-2024-1954 (CVE-2024-21786).
GoCast: TALOS-2024-1962 (CVE-2024-21855), TALOS-2024-1960 (CVE-2024-28892), TALOS-2024-1961 (CVE-2024-29224).
TTPs OS command injection, exploitation through authentication bypass, API interactions, web interface manipulation.
Attribution Discovered by Cisco Talos (Matt Wiseman for MC Technologies, Edwin Molenaar, Matt Street for GoCast).
Recommendations No patch available at the time, use Snort coverage for detection, download latest rule sets from Snort.org, check Talos Intelligence advisories.
Source Cisco Talos blog

Read full article: https://blog.talosintelligence.com/mc-lr-router-and-gocast-zero-day-vulnerabilities-2/

Disclaimer: The above summary has been generated by an AI language model

Source: Cisco Talos

Published on: December 9, 2024

Leave a Reply

Your email address will not be published. Required fields are marked *