CVE-2014-8361

Vulnerability Profile Updated a month ago
CVE-2014-8361 is a command injection vulnerability in the miniigd SOAP service on Realtek SDK devices. Successful exploitation lets an attacker execute arbitrary commands, which gives them extensive control over the compromised system. The injected commands are delivered over SOAP, a protocol used for exchanging structured information in web services, and the flaw has been used to perform multiple actions on affected devices.

The vulnerability is particularly notable for its role in malware distribution campaigns that also abuse exposed Hadoop YARN servers and security flaws in other devices such as Huawei HG532 routers. Analysis of the infection process of HinataBot, a known malware, shows that it exploits this vulnerability by targeting the miniigd SOAP service on Realtek SDK devices, alongside Huawei HG532 routers and exposed Hadoop YARN servers. Given its severity and widespread impact, organizations should patch or mitigate this vulnerability to prevent breaches and maintain the security of their systems.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Vulnerability
Akamai
Malware
Hadoop
exploitation
Exploit
Associated Malware
ID | Type | Votes | Profile Description
Mirai | Unspecified | 1 | Mirai is a notorious malware that targets Internet of Things (IoT) devices to form a botnet, which can then be used to launch distributed denial-of-service (DDoS) attacks. In early 2022, Mirai botnets accounted for over 7 million detections, highlighting the widespread nature of this threat. However
Associated Threat Actors
No associations to display
Associated Vulnerabilities
ID | Type | Votes | Profile Description
CVE-2017-17215 | Unspecified | 1 | CVE-2017-17215 is a significant vulnerability found in Huawei HG532 routers, characterized as a flaw in software design or implementation. This vulnerability has been exploited to distribute malware through exposed Hadoop YARN servers and security flaws in Realtek SDK devices (CVE-2014-8361) and Hua
Webserver Rce | Unspecified | 1 | None
Source Document References
Information about the CVE-2014-8361 Vulnerability was read from the documents corpus below.
Source | Created At | Title
CERT-EU | 7 months ago | Analysis of Active Satori Botnet Infections
CERT-EU | a year ago | New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks
CERT-EU | 9 months ago | CISA adds Owl Labs, Samsung, Realtek bugs to exploited vulnerability list
CISA | 9 months ago | CISA Adds Eight Known Exploited Vulnerabilities to Catalog | CISA
CERT-EU | 9 months ago | Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability
Fortinet | a year ago | 2022 IoT Threat Review | FortiGuard Labs
CERT-EU | a year ago | The Good, the Bad and the Ugly in Cybersecurity – Week 12 | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware – National Cyber Security Consulting
CERT-EU | a year ago | 'HinataBot' botnet discovered that could generate DDoS attacks of 3.3 Tbps