CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog.

About CVE-2023-28771

CVE-2023-28771 is a vulnerability that allows unauthenticated attackers to execute OS commands remotely by sending crafted IKE (Internet Key Exchange) packets to an affected device. Fixed by Zyxel in April 2023, it was expected to be quickly exploited by attackers once technical write-ups and …
The post Zyxel firewalls under attack by Mirai-like botnet appeared first on Help Net Security.