Malware botenago

Cybersecurity researchers at AT & T Alien Labs announced they have identified a new family of malware that attacks routers and connected objects (IoT). They've named it BotenaGo. They report that it has the potential to affect millions of devices. To do this, it exploits nearly 30 different vulnerabilities.


 

List of CVE :


8.8 CVE-2020-9377
** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-610 devices allow Remote Command Execution via the cmd parameter...

2021-07-21 11:39:00

9.8 CVE-2020-9054
Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication...

2022-03-11 17:58:00

7.2 CVE-2020-8958
Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024...

2020-07-22 17:30:00

9.8 CVE-2020-8515
DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta...

2022-01-01 20:03:00

9.8 CVE-2020-10987
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to...

2021-07-21 11:39:00

8.8 CVE-2020-10173
Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m devices have Multiple Authenticated Command Injection...

2020-03-10 12:31:00

8.8 CVE-2019-19824
On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands...

2020-02-05 14:30:00

8.8 CVE-2017-6334
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated...

2019-10-03 00:03:00

9.8 CVE-2017-6077
ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users...

2017-03-02 02:59:00

9.8 CVE-2017-18368
The ZyXEL P660HN-T1A v1 TCLinux Fw .3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline...

2019-10-03 00:03:00

8.8 CVE-2016-6277
NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000...

2017-08-16 01:29:00

9.8 CVE-2016-1555
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php...

2019-04-16 18:00:00

7.2 CVE-2016-11021
setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via...

2021-04-23 14:38:00

10 CVE-2015-2051
The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers...

2016-12-31 02:59:00

10 CVE-2014-2321
web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative...

2014-03-11 16:22:00