• About Us
  • Privacy Policy
  • Disclaimer
  • Contact Us
AimactGrow
  • Home
  • Technology
  • AI
  • SEO
  • Coding
  • Gaming
  • Cybersecurity
  • Digital marketing
No Result
View All Result
  • Home
  • Technology
  • AI
  • SEO
  • Coding
  • Gaming
  • Cybersecurity
  • Digital marketing
No Result
View All Result
AimactGrow
No Result
View All Result

RondoDox Botnet Exploits 2018 Flaw in Asus Routers

Admin by Admin
May 23, 2026
Home Cybersecurity
Share on FacebookShare on Twitter


Endpoint Safety
,
Web of Issues Safety

Botnet Operators Execute First Identified Exploit of Practically Decade-Previous Flaw

Greg Sirico •
Might 22, 2026    

RondoDox Botnet Exploits 2018 Flaw in Asus Routers
Picture: Shutterstock

Operators behind a botnet picked up on a virtually decade-old flaw in Asus routers permitting an unauthenticated attacker to realize distant code execution as a root consumer.

See Additionally: Airways and Airports: Visibility Throughout OT, IoT, and IT

Researchers at VulnCheck flagged in-the-wild exploitation of CVE-2018-5999, a crucial flaw carrying a 9.8 CVSS rating, to the RondoDox botnet. The botnet, which surfaced in mid-2025 and focuses on Linux techniques, is usually classed as a variant of the Mirai botnet. “Not like Mirai, this malware’s sole function is to execute DoS assaults, whereas Mirai will not be solely able to doing DoS assaults but additionally scan and exploit different techniques,” wrote Bitsight in March.

VulnCheck started observing exploitation of the Asus vulnerability on Might 17. “Public exploits have been obtainable since 2018,” wrote VulnCheck CTO Jacob Baines in a Friday LinkedIn publish. “However till now, we hadn’t seen the vulnerability exploited within the wild.”

RondoDox depends on a multi-stage assault chain constructed round mass exploitation, notably specializing in end-of-life and IoT gadgets. Its scans for uncovered gadgets, making an attempt to take advantage of considered one of presumably dozens of embedded CVEs directly, usually chaining flaws collectively earlier than introducing a malware payload, which connects to command-and-control infrastructure.

“RondoDox is well-known for implementing a ton of exploits. Some analyses have tracked its CVE associations properly into the 170s, so it’s not stunning or new that they’re utilizing older ones too,” mentioned Baines.

In accordance with Bitsight evaluation, risk actors behind RondoDox seemingly monitor vulnerability disclosures, exploiting sure CVEs linked to client tech earlier than publication. With “compromised residential IPs” serving as its internet hosting infrastructure, the botnet depends on older vulnerabilities present in “broadly deployed, largely end-of-life client routers” to take care of persistence.

“There are a ton of Asus routers on-line, greater than 1 million, so it’s very conceivable that that is working for RondoDox,” mentioned Baines.

Tags: ASUSBotnetExploitsFlawRondoDoxRouters
Admin

Admin

Next Post
Trump Cellular Cellphone Evaluate: My Lengthy Weekend With The Golden T1

Trump Cellular Cellphone Evaluate: My Lengthy Weekend With The Golden T1

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended.

Elton John manufacturers authorities ‘absolute losers’ over AI copyright plans

Elton John manufacturers authorities ‘absolute losers’ over AI copyright plans

May 18, 2025
Christopher Ortiz AKA kiririn51 Talks .45 PARABELLUM BLOODHOUND, Inspirations, Fan Reactions, VA-11 Corridor-A, The Silver Case, and A lot Extra – TouchArcade

Christopher Ortiz AKA kiririn51 Talks .45 PARABELLUM BLOODHOUND, Inspirations, Fan Reactions, VA-11 Corridor-A, The Silver Case, and A lot Extra – TouchArcade

April 9, 2025

Trending.

Nsfw Chatgpt Options – Examples I’ve Used

Nsfw Chatgpt Options – Examples I’ve Used

October 13, 2025
ModeloRAT and Mistic Backdoor Exercise Linked to Ransomware Preliminary Entry Dealer

ModeloRAT and Mistic Backdoor Exercise Linked to Ransomware Preliminary Entry Dealer

June 24, 2026
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Acquire Root Entry

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Acquire Root Entry

June 25, 2026
Web Information Caps Defined: The right way to Keep away from Overages and Discover Limitless Plans

Web Information Caps Defined: The right way to Keep away from Overages and Discover Limitless Plans

September 23, 2025
Hijacked npm and Go Packages Use VS Code Duties to Deploy Python Infostealer

Hijacked npm and Go Packages Use VS Code Duties to Deploy Python Infostealer

June 29, 2026

AimactGrow

Welcome to AimactGrow, your ultimate source for all things technology! Our mission is to provide insightful, up-to-date content on the latest advancements in technology, coding, gaming, digital marketing, SEO, cybersecurity, and artificial intelligence (AI).

Categories

  • AI
  • Coding
  • Cybersecurity
  • Digital marketing
  • Gaming
  • SEO
  • Technology

Recent News

The place to Discover Black Beard’s Treasure

The place to Discover Black Beard’s Treasure

July 9, 2026
How AI Decides Which Pages to Search & Cite

How AI Decides Which Pages to Search & Cite

July 9, 2026
  • About Us
  • Privacy Policy
  • Disclaimer
  • Contact Us

© 2025 https://blog.aimactgrow.com/ - All Rights Reserved

No Result
View All Result
  • Home
  • Technology
  • AI
  • SEO
  • Coding
  • Gaming
  • Cybersecurity
  • Digital marketing

© 2025 https://blog.aimactgrow.com/ - All Rights Reserved