216.73.216.86

Threat actors attempt to exploit a flaw in Four-Faith routers

· Published 28/12/2024 12:12 · Modified 30/12/2024 15:55

Export JSON

Essential information

Published
28/12/2024 12:12
Modified
30/12/2024 15:55
Tags
2024-12-28 CVE-2024-12856 four-faith reverse shell router vulnerability
Related entities
5 techniques (mitre)

Description

A high-severity () affecting models F3x24 and F3x36 is being actively exploited. The flaw allows OS command injection if default credentials are used, potentially leading to unauthenticated remote code execution. Attackers have been observed leveraging this to launch reverse shells for persistent access. Over 15,000 internet-facing devices are potentially at risk. The exploitation attempts have been linked to previous attacks on routers. No patches are currently available, and the vendor was notified on December 20, 2024. Users are advised to change default credentials and monitor for suspicious activities.

External references