Contact Info

Atlas Cloud LLC 600 Cleveland Street Suite 348 Clearwater, FL 33755 USA

support@dedirock.com

Client Area
Recommended Services
Supported Scripts
WordPress
Hubspot
Joomla
Drupal
Wix
Shopify
Magento
Typeo3

A significant vulnerability has been discovered in select Four-Faith routers, exposing them to active exploits in the wild, according to findings by VulnCheck. This flaw, identified as CVE-2024-12856, has been assigned a high severity rating with a CVSS score of 7.2. The issue pertains to an operating system command injection in the router models F3x24 and F3x36.

While the severity is mitigated by the requirement for attackers to authenticate, those who do not alter the default router credentials may find themselves vulnerable to unauthenticated OS command execution.

VulnCheck’s investigation revealed that attackers are leveraging default credentials to exploit the routers and gain persistent remote access via a reverse shell. The attacks were traced back to a specific IP address known for previous exploits against Four-Faith devices.

The vulnerability can be triggered through an HTTP request using the /apply.cgi endpoint to modify the device’s system time, leading to potential unauthorized command execution. Data indicates that there are over 15,000 internet-facing routers that could be at risk due to this vulnerability.

Despite the potential danger, there are currently no patches available for this flaw. VulnCheck reported the vulnerability to the Chinese manufacturer on December 20, 2024. Investigations are ongoing, and updates are expected as more information becomes available from the manufacturer.


Welcome to DediRock, your trusted partner in high-performance hosting solutions. At DediRock, we specialize in providing dedicated servers, VPS hosting, and cloud services tailored to meet the unique needs of businesses and individuals alike. Our mission is to deliver reliable, scalable, and secure hosting solutions that empower our clients to achieve their digital goals. With a commitment to exceptional customer support, cutting-edge technology, and robust infrastructure, DediRock stands out as a leader in the hosting industry. Join us and experience the difference that dedicated service and unwavering reliability can make for your online presence. Launch our website.

Share this Post
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x