New 'Goldoon' Botnet Targeting D-Link Devices
Fortinet News, Wednesday, May 1st, 2024
In April, FortiGuard Labs observed a new botnet targeting a D-Link vulnerability from nearly a decade ago, CVE-2015-2051.
This vulnerability allows remote attackers to execute arbitrary commands via a GetDeviceSettings action on the HNAP interface. As a result, an attacker can create a crafted HTTP request with a malicious command embedded in the header.