Threat actors attempt to exploit a flaw in Four-Faith routers
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A high-severity vulnerability (CVE-2024-12856) affecting Four-Faith router models F3x24 and F3x36 is being actively exploited. The flaw allows OS command injection if default credentials are used, potentially leading to unauthenticated remote code execution. Attackers have been observed leveraging this vulnerability to launch reverse shells for persistent access. Over 15,000 internet-facing devices are potentially at risk. The exploitation attempts have been linked to previous attacks on Four-Faith routers. No patches are currently available, and the vendor was notified on December 20, 2024. Users are advised to change default credentials and monitor for suspicious activities.
OPENCTI LABELS :
vulnerability,reverse shell,router,cve-2024-12856,four-faith
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Threat actors attempt to exploit a flaw in Four-Faith routers