Searching for Exposed ASUS Routers Vulnerable to CVE-2021-20090, (Fri, Nov 26th)

Over the past 7 days, my honeypot captured a few hundred POST for a vulnerability which appeared to be tracked as a critical path traversal vulnerability in the web interfaces of routers with Arcadyan firmware. If successfully exploited, could allow unauthenticated remote actors to bypass authentication and add the router to the botnet Mirai botnet.

Article Link: InfoSec Handlers Diary Blog