Four-Faith Router Vulnerability CVE-2024-12856 Actively Exploited
/ 1 min read
🛡️💻 New vulnerability discovered in Four-Faith industrial routers poses serious security risk. VulnCheck has identified a post-authentication vulnerability, designated CVE-2024-12856, affecting Four-Faith F3x24 and F3x36 routers, which is being actively exploited. Attackers are leveraging default credentials to execute unauthenticated remote command injections, potentially impacting around 15,000 internet-facing devices. The vulnerability allows for OS command injection through a specific HTTP endpoint when modifying system time. VulnCheck has alerted Four-Faith and its customers about the issue, emphasizing the need for immediate attention to patches and affected firmware versions. For detection, a Suricata rule has been developed to monitor this vulnerability in network traffic.
