router
Cisco IOS XR vulnerability lets attackers crash BGP on routers
Cisco has patched a denial of service (DoS) vulnerability that lets attackers crash the Border Gateway Protocol (BGP) process on IOS XR routers with a single BGP update message. IOS XR runs on the company’s carrier-grade, Network Convergence System (NCS), and Carrier Routing System (CRS) series of routers, such as the ASR 9000, NCS 5500, and 8000 series. This high-severity flaw (tracked […]
Juniper patches bug that let Chinese cyberspies backdoor routers
Juniper Networks has released emergency security updates to patch a Junos OS vulnerability exploited by Chinese hackers to backdoor routers for stealthy access. This medium severity flaw (CVE-2025-21590) was reported by Amazon security engineer Matteo Memelli and is caused by an improper isolation or compartmentalization weakness. Successful exploitation lets local attackers with high privileges execute arbitrary code on […]
Chinese cyberspies backdoor Juniper routers for stealthy access
Chinese hackers are deploying custom backdoors on Juniper Networks Junos OS MX routers that have reached end-of-life (EoL) and no longer receive security updates. The backdoors are primarily variants of the TinyShell malware, an open-source tool that facilitates data exchange and command execution on Linux systems, and which has been used by multiple threat groups over the years. […]
Juniper patches critical auth bypass in Session Smart routers
Juniper Networks has patched a critical vulnerability that allows attackers to bypass authentication and take over Session Smart Router (SSR) devices. The security flaw (tracked as CVE-2025-21589) was found during internal product security testing, and it also affects Session Smart Conductor and WAN Assurance Managed Routers. “An Authentication Bypass Using an Alternate Path or Channel […]
Netgear warns users to patch critical WiFi router vulnerabilities
Netgear has fixed two critical vulnerabilities affecting multiple WiFi router models and urged customers to update their devices to the latest firmware as soon as possible. The security flaws impact multiple WiFi 6 access points (WAX206, WAX214v2, and WAX220) and Nighthawk Pro Gaming router models (XR1000, XR1000v2, XR500). Although the American computer networking company did not disclose more details […]
Stealthy ‘Magic Packet’ malware targets Juniper VPN gateways
A malicious campaign has been specifically targeting Juniper edge devices, many acting as VPN gateways, with malware dubbed J-magic that starts a reverse shell only if it detects a “magic packet” in the network traffic. The J-magic attacks appear to target organizations in the semiconductor, energy, manufacturing (marine, solar panels, heavy machinery), and IT sectors. […]
Vulnerable Moxa devices expose industrial networks to attacks
Industrial networking and communications provider Moxa is warning of a high-severity and a critical vulnerability that impact various models of its cellular routers, secure routers, and network security appliances. The two seurity issues allow remote attackers to get root privileges on vulnerable devices and to execute arbitrary commands, which could lead to arbitrary code execution. Risks […]
Hackers exploit Four-Faith router flaw to open reverse shells
Threat actors are exploiting a post-authentication remote command injection vulnerability in Four-Faith routers tracked as CVE-2024-12856 to open reverse shells back to the attackers. The malicious activity was discovered by VulnCheck, who informed Four-Faith about the active exploitation on December 20, 2024. However, it is unclear if security updates for the vulnerability are currently available. […]
Malware botnets exploit outdated D-Link routers in recent attacks
Two botnets tracked as ‘Ficora’ and ‘Capsaicin’ have recorded increased activity in targeting D-Link routers that have reached end of life or are running outdated firmware versions. The list of targets includes popular D-Link devices used by individuals and organizations such as DIR-645, DIR-806, GO-RT-AC750, and DIR-845L. For initial access, the two pieces of malware […]
Juniper warns of Mirai botnet targeting Session Smart routers
Juniper Networks has warned customers of Mirai malware attacks targeting and infecting Session Smart routers using default credentials. As the networking infrastructure company explained, the malware scans for devices with default login credentials and executes commands remotely after gaining access, enabling a wide range of malicious activities. The campaign was first observed on December 11, […]