Malware zerobot

Zerobot was spotted in mid-November 2022 by security researchers at Fortinet. It is a malware coded in Go language that exploits about twenty vulnerabilities located in firewalls, routers, cameras, NAS, ... Its goal: to compromise machines with the aim that they integrate a botnet in order to carry out DDos attacks.


 

List of CVE :


9.8 CVE-2022-37061
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command...

More
2022-12-09 15:32:00

8.8 CVE-2022-34538
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection...

More
2022-07-26 17:32:00

9.8 CVE-2022-30525
A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00...

More
2022-10-19 18:32:00

9.8 CVE-2022-26210
Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903,...

More
2022-03-22 14:37:00

9.8 CVE-2022-26186
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via...

More
2022-03-29 15:39:00

9.8 CVE-2022-25075
TOTOLink A3000RU V5.9c.2280_B20180512 was discovered to contain a command injection vulnerability in...

More
2022-03-02 18:42:00

9.8 CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution...

More
2023-02-09 02:07:00

9.8 CVE-2022-1388
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior...

More
2023-01-24 16:08:00

9.8 CVE-2021-46422
Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote...

More
2022-09-30 12:59:00

9.8 CVE-2021-36260
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient...

More
2022-10-27 21:18:00

9.8 CVE-2021-35395
Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface...

More
2022-03-11 14:27:00

9.8 CVE-2020-25506
D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component,...

More
2021-07-21 11:39:00

9.8 CVE-2020-10987
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to...

More
2021-07-21 11:39:00

8.8 CVE-2018-12613
An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and...

More
2021-11-02 17:59:00

8.8 CVE-2017-17215
Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated...

More
2018-04-19 15:04:00

9.8 CVE-2017-17106
Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated remote...

More
2019-10-03 00:03:00

10 CVE-2014-8361
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted...

More
2022-03-11 07:15:00