CVE-2017-17215

Vulnerability updated 22 days ago (2024-11-29T14:38:19.788Z)
Download STIX
Preview STIX
CVE-2017-17215 is a significant vulnerability found in Huawei HG532 routers, characterized as a flaw in software design or implementation. This vulnerability has been exploited to distribute malware through exposed Hadoop YARN servers and security flaws in Realtek SDK devices (CVE-2014-8361) and Huawei HG532 routers. The severity of this vulnerability is underscored by its high CVSS score of 8.8, which suggests a critical risk level. The exploitation of CVE-2017-17215 was observed during the infection process for HinataBot, a type of malware. This botnet malware was seen leveraging the vulnerability in the miniigd SOAP service on Realtek SDK devices (CVE-2014-8361), Huawei HG532 routers (CVE-2017-17215), as well as exposed Hadoop YARN servers. This multi-vector approach allowed the malware to infect a wide range of devices and networks, demonstrating the extensive reach of this vulnerability. Over a 30-day period, there was a notable daily detection count related to the remote code execution vulnerability in Huawei HG532 routers (CVE-2017-17215). This data, represented in Figure 5, provides evidence of the widespread exploitation of this vulnerability. The high frequency of detections underscores the urgent need for patching and remediation efforts to secure vulnerable devices and protect against potential future attacks.
Description last updated: 2024-05-04T17:10:57.207Z
What's your take? (Question 1 of 0)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Vulnerabilities
To see the evidence that has resulted in these vulnerability associations, create a free account
Alias DescriptionAssociation TypeVotes
The CVE-2014-8361 Vulnerability is associated with CVE-2017-17215. CVE-2014-8361 is a significant vulnerability that was discovered in 2014. It is a remote code execution (RCE) flaw found in the Realtek Software Development Kit, which allows threat actors to execute arbitrary commands on the system. The vulnerability has been exploited by various malicious campaignUnspecified
2