Code for exploiting Zero Day Huawei Router Vulnerability is public

Last week, Satori botnet will open a zero-day vulnerability code in Huawei router. Satori Botnet Attack is a variant of the Mirai botnet attacked by the vulnerability codename CVE-2017-17215 in Huawei routers. It was first discovered in Huawei HG532 router in November 2017, and Huawei immediately released recommendations and measures to guide users “How to avoid this vulnerability”

The code was found at Pastebin during Christmas 2017 before BrickerBot malware exploited the vulnerability and code to launch attacks against IoT devices. In early December 2017, BrickerBot authors claimed that they would withdraw from the development of the malware project and released the attack code against Huawei routers. Network security officers in the analysis of these codes found that the original Huawei router this loophole has been circulating among hackers for some time.

In the analysis, it was also found that Simple Object Access Protocol (SOAP), which is widely used by IoT devices, has led to a class of botnets such as Mirai that have attacked with the vulnerabilities CVE-2014-8361 and TR-64 in the SOAP protocol to increase the attack rate Success. As the attacks on the Internet of Things become more and more modular, but the Internet of Things revealed a loophole, hackers will immediately add a new attack weapon in their attack arsenal to strengthen the IoT attack.

Reference: threatpost