CVE-2014-8361

Vulnerability updated 22 days ago (2024-11-29T14:48:58.863Z)

Download STIX

Preview STIX

CVE-2014-8361 is a significant vulnerability that was discovered in 2014. It is a remote code execution (RCE) flaw found in the Realtek Software Development Kit, which allows threat actors to execute arbitrary commands on the system. The vulnerability has been exploited by various malicious campaigns over the years, and it is one of many older flaws that attackers frequently scan for due to its high impact potential. The Akamai Security Intelligence and Response Team (SIRT) noted this vulnerability as part of a broader campaign targeting unpatched zero-day vulnerabilities, including a similar RCE vulnerability in Hadoop YARN servers. In addition, Huawei devices affected by CVE-2017-17215 were also targeted. These attacks often involve the distribution of malware through exploitation of exposed Hadoop YARN servers and security flaws in Realtek SDK devices and Huawei HG532 routers. Analysis of the infection process for the HinataBot malware revealed that it exploits the miniigd SOAP service on Realtek SDK devices (CVE-2014-8361), Huawei HG532 routers (CVE-2017-17215), and exposed Hadoop YARN servers. The command injection vulnerability (CVE-2014-8361) is used to perform multiple actions using SOAP, demonstrating how threat actors can leverage such vulnerabilities to gain control over systems and spread malware.

Description last updated: 2024-11-28T11:54:28.833Z

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Vulnerability

Hadoop

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Vulnerabilities

To see the evidence that has resulted in these vulnerability associations, create a free account

Alias Description	Association Type	Votes
The CVE-2017-17215 Vulnerability is associated with CVE-2014-8361. CVE-2017-17215 is a significant vulnerability found in Huawei HG532 routers, characterized as a flaw in software design or implementation. This vulnerability has been exploited to distribute malware through exposed Hadoop YARN servers and security flaws in Realtek SDK devices (CVE-2014-8361) and Hua	Unspecified	2

Source Document References

Information about the CVE-2014-8361 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
DARKReading	23 days ago	Russian Script Kiddie Assembles Massive DDoS Botnet
InfoSecurity-magazine	4 months ago	Unpatched CCTV Cameras Exploited to Spread Mirai Variant
Securityaffairs	4 months ago	Corona Mirai botnet spreads via AVTECH CCTV zero-day
CERT-EU	a year ago	Analysis of Active Satori Botnet Infections
CERT-EU	a year ago	CISA adds Owl Labs, Samsung, Realtek bugs to exploited vulnerability list
CERT-EU	a year ago	Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability
CISA	a year ago	CISA Adds Eight Known Exploited Vulnerabilities to Catalog \| CISA
Fortinet	2 years ago	2022 IoT Threat Review \| FortiGuard Labs
CERT-EU	2 years ago	New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks
CERT-EU	2 years ago	พบ 'HinataBot' บอทเน็ตที่อาจสร้างการโจมตี DDoS ขนาด 3.3 Tbps ได้
CERT-EU	2 years ago	The Good, the Bad and the Ugly in Cybersecurity – Week 12 \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware – National Cyber Security Consulting