Offensive Sequence5d ago
🚩 CRITICAL: CVE-2026-4252 impacts Tenda AC8 (16.03.50.11). IP-based auth in IPv6 Handler lets remote attackers bypass login. Exploit is public. Disable remote mgmt, restrict access, monitor traffic. Details: https://radar.offseq.com/threat/cve-2026-4252-reliance-on-ip-address-for-authentic-a9de4650 #OffSeq #CVE #RouterSecurity #Infosec
Offensive Sequence5d ago
🚨 CRITICAL: CVE-2026-4254 in Tenda AC8 (fw ≤16.03.50.11) enables remote stack buffer overflow via /goform/SysToolChangePwd. Public exploit out — isolate & monitor! No patch yet. https://radar.offseq.com/threat/cve-2026-4254-stack-based-buffer-overflow-in-tenda-501e8b3e #OffSeq #CVE20264254 #RouterSecurity #Vuln
Offensive SequenceMar 15
🚩 CVE-2026-4164 (CRITICAL): Wavlink WL-WN578W2 (221110) is vulnerable to remote command injection via POST to /cgi-bin/wireless.cgi. Public exploit is out. Restrict access, monitor logs, and upgrade ASAP. https://radar.offseq.com/threat/cve-2026-4164-command-injection-in-wavlink-wl-wn57-c028dcbd #OffSeq #CVE #RouterSecurity #IoTSecurity
Offensive SequenceMar 15
🚨 HIGH severity: CVE-2026-4167 in Belkin F9K1122 (1.00.33) enables remote code execution via stack buffer overflow — no auth needed, no patch. Isolate, restrict, and monitor now! https://radar.offseq.com/threat/cve-2026-4167-stack-based-buffer-overflow-in-belki-ac4818a6 #OffSeq #infosec #routersecurity #CVE20264167
Offensive SequenceMar 15
🚨 CVE-2026-4164 (CRITICAL, CVSS 9.3) in Wavlink WL-WN578W2 (v221110): Unauth'd command injection via /cgi-bin/wireless.cgi. Public exploit released. Patch ASAP or restrict access! https://radar.offseq.com/threat/cve-2026-4164-command-injection-in-wavlink-wl-wn57-c028dcbd #OffSeq #CVE #RouterSecurity #Infosec
Offensive SequenceMar 15
🚨 CVE-2026-4163 (CRITICAL): Wavlink WL-WN579A3 routers (v220323) have a command injection bug in /cgi-bin/wireless.cgi. Public exploit code available — restrict remote mgmt, monitor logs, and patch ASAP. https://radar.offseq.com/threat/cve-2026-4163-command-injection-in-wavlink-wl-wn57-5fa0760b #OffSeq #CVE20264163 #infosec #routersecurity
TechNaduMar 11

🚨 KadNap malware is hijacking Asus routers and enrolling them into a malicious proxy botnet used by cybercriminals.

The botnet hides its infrastructure using a Kademlia DHT-based C2 network, making it harder to track and disrupt.

Read more:
https://www.technadu.com/asus-routers-hijacked-by-kadnap-botnet-for-malicious-proxies-comprising-over-14000-devices/623063/

#Cybersecurity #Botnet #RouterSecurity #Infosec

Offensive SequenceMar 9
🚩 CVE-2026-3768 (HIGH, CVSS 8.7): Stack buffer overflow in Tenda F453 v1.0.0.3 — remote, unauthenticated exploit possible. Public exploit code released. Patch ASAP or restrict remote access! https://radar.offseq.com/threat/cve-2026-3768-stack-based-buffer-overflow-in-tenda-9b634f69 #OffSeq #CVE20263768 #RouterSecurity #Infosec
Offensive SequenceMar 8
🛑 CVE-2026-3732: HIGH severity stack buffer overflow in Tenda F453 (v1.0.0.3). Remote, unauthenticated code execution risk — no patch yet. Block remote mgmt & monitor endpoints. Details: https://radar.offseq.com/threat/cve-2026-3732-stack-based-buffer-overflow-in-tenda-41443da2 #OffSeq #Vuln #RouterSecurity #CVE20263732
Offensive SequenceMar 8
🛡️ CVE-2026-3715: HIGH-severity stack overflow in Wavlink WL-WN579X3-C routers (v231124). Remote attackers can execute code w/o auth. Exploit code is public — patch to 20260226 now! https://radar.offseq.com/threat/cve-2026-3715-stack-based-buffer-overflow-in-wavli-504a0f36 #OffSeq #Vulnerability #RouterSecurity #Infosec