CVE-2017-17215

The Huawei HG532 router, including some customized versions, is affected by a remote code execution issue. An authenticated attacker can send malicious packets to port 37215 to launch attacks, potentially leading to the remote execution of arbitrary code.

Meanwhile, researchers have discovered a new malware called Chaos, written in Go, which has been increasing its botnet network in recent months, targeting small office/home office (SOHO) routers and corporate servers. Chaos's effectiveness is due to its versatility, allowing it to run on various architectures such as ARM, Intel (i386), MIPS, and PowerPC, and its ability to spread through known vulnerabilities and stolen SSH keys.

Chaos has the capability to execute up to 70 different commands sent from the attacker's server, including instructions to exploit certain vulnerabilities. A GitLab server in Europe was among the targets of the Chaos botnet, with the company reporting a series of DDoS attacks aimed at organizations in the gaming, financial services, technology, media, and entertainment, and hosting providers sectors, as well as a cryptocurrency mining exchange.

The vulnerable software is the Huawei HG532 router, including some customized versions. The exploit can be launched by sending malicious packets to port 37215.

#Huawei #Chaos #Malware #RemoteCodeExecution #DDoS #GoLanguage #ARM #Intel #MIPS #PowerPC