Have a suggestion?
Click here to suggest a blog item.
Catch up with DonationCoder by browsing our past newsletters, which collect the most interesting discussions on our site: here.
DonationCoder does not accept paid promotions. We have a strict policy of not accepting gifts of any kind in exchange for placing content in our blogs or newsletters, or on our forum. The content and recommendations you see on our site reflect our genuine personal interests and nothing more.
Jan 6, 2018
Dec 2, 2018
Nov 13, 2018
July 30, 2018
June 24, 2018
June 6, 2018
Apr 2, 2018
Apr 2, 2018
Feb 24, 2018
Jan 14, 2018
Major Site News
Jan 10, 2018
Our daily Blog
This page spotlights the most interesting posts collected from our forum every day.
You are viewing a specific blog item. Click here to return to the main blog page.
"... A few days ago, we released details of two unpatched critical authentication bypass and root-RCE vulnerabilities we found on very widespread GPON Routers. The vulnerabilities, as we outlined, affects over a million users and is easily accessible through sites like Shodan and ZoomEye.
Shortly after our initial discovery, we contacted the responsible parties. Unfortunately, a patch was not available, and it didn’t seem to be in development either. So, we released the details to inform the affected users of the risks involved in using these modems.
However, we noticed (thanks to 360 Netlab) that attackers began exploiting both these vulnerabilities (CVE-2018-10561 & CVE-2018-10562) to add the affected devices and their networks into their botnets. To prevent more attacks, we took matters into our hands. We are releasing a user-friendly patch below ...":