BTC $66491.5139
ETH $3184.3983
BNB $601.6419
SOL $155.6108
stETH $3185.1637
XRP $0.5495
DOGE $0.1586
TON $5.8776
ADA $0.5099
AVAX $38.8942
wstETH $3708.0998
WBTC $66518.7062
DOT $7.3764
WETH $3184.7962
TRX $0.1114
BCH $512.3077
LINK $15.4337
MATIC $0.7334
UNI $8.1252
ICP $14.9003
LTC $84.7276
DAI $0.9990
CAKE $2.9972
RNDR $9.1863
IMX $2.3935
STX $3.0458
NEAR $6.9983
ETC $28.0765
FDUSD $1.0009
MNT $1.2093
FIL $6.5339
TAO $511.7762
OKB $54.7486
HBAR $0.0893
VET $0.0421
KAS $0.1250
ATOM $8.8532
GRT $0.3029
PEPE $0.0000
WIF $2.8536
FET $2.4350
MKR $2854.7795
INJ $28.3839
THETA $2.3975
USDE $0.9992
XLM $0.1167
CORE $2.5851
BTC $66491.5139
ETH $3184.3983
BNB $601.6419
SOL $155.6108
stETH $3185.1637
XRP $0.5495
DOGE $0.1586
TON $5.8776
ADA $0.5099
AVAX $38.8942
wstETH $3708.0998
WBTC $66518.7062
DOT $7.3764
WETH $3184.7962
TRX $0.1114
BCH $512.3077
LINK $15.4337
MATIC $0.7334
UNI $8.1252
ICP $14.9003
LTC $84.7276
DAI $0.9990
CAKE $2.9972
RNDR $9.1863
IMX $2.3935
STX $3.0458
NEAR $6.9983
ETC $28.0765
FDUSD $1.0009
MNT $1.2093
FIL $6.5339
TAO $511.7762
OKB $54.7486
HBAR $0.0893
VET $0.0421
KAS $0.1250
ATOM $8.8532
GRT $0.3029
PEPE $0.0000
WIF $2.8536
FET $2.4350
MKR $2854.7795
INJ $28.3839
THETA $2.3975
USDE $0.9992
XLM $0.1167
CORE $2.5851
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Cisco has fixed a bug that allowing you to keep the backdoor even when updating


    The malicious package will work until the device is reset to factory settings or until it is manually removed.

    Cisco released security updates this week to address a dangerous vulnerability in the Cisco IOx application hosting environment that could be used for command injection attacks.

    Vulnerability CVE-2023-20076 (CVSS: 7.2) is associated with incomplete cleaning of parameters passed during application activation. This was reported by security researchers from the Trellix Advanced Research Center.

    The bug allows a remote, authorized attacker to execute commands with root permissions on the underlying operating system without user interaction. A hacker can deploy and activate an application in a Cisco IOx hosting environment using the generated activation payload file.

    The company says the vulnerability affects the following Cisco devices:

    devices based on IOS XE, but only if they do not support native docker;
    industrial routers ISR series 800;
    computing modules CGR1000;
    industrial computing gateways IC3000;
    industrial routers IR510 WPAN;
    Cisco Catalyst Access Points (COS-APs).

    The company also confirmed that the CVE-2023-20076 vulnerability does not affect Catalyst 9000 series switches, IOS XR and NX-OS software, or Meraki products.

    Saved on reboot

    An attacker could only exploit this vulnerability if they have authenticated administrative access to the affected systems. However, Trellix researchers explained that cybercriminals use other flaws to allow privilege escalation, or may use different tactics to obtain administrator credentials.

    For example, to gain administrator access to target devices, they can use:

    Default Login Credentials: Many Cisco devices come with a default username and password of "cisco:cisco" or "admin:admin", which many users cannot change;
    Phishing: Hackers can trick employees into logging into a fake router user interface, or spoof an email from the router itself with a link to a login page "requesting a firmware update";
    Social engineering: attackers convince the user to pass credentials.

    According to experts, after obtaining the credentials, a cybercriminal can use CVE-2023-20076 to gain “unrestricted access, allowing malicious code to hide in the system and persist across reboots and firmware updates. The malicious package will work until the device is reset to factory settings or until it is manually removed.

    The Cisco Product Security Incident Response Team (PSIRT) states that it has found no evidence that this vulnerability is being exploited in a real-world environment.

    Author DeepWeb
    PixPirate is a new banking trojan for Android that uses a dangerous feature
    The largest university in Switzerland was subjected to a serious cyberattack

    Comments 0

    Add comment