Shellshock Vulnerability Spreads to NAS DevicesOct 02, 2014, 19:00 (2 Talkback[s])
(Other stories by Sean Michael Kerner)
The Shellshock vulnerability, first reported Sept. 24, could enable an attacker to inject arbitrary commands into a system where Bash is used. Bash is widely deployed on Linux operating systems, which are found in a wide variety of embedded devices, including NAS boxes.
FireEye reported that, starting on approximately Sept. 26, it began noticing Shellshock-related attacks against NAS devices. The attackers were not just scanning for vulnerable systems; they were also actually attempting to inject code that would allow them to retrieve files.
0 Talkback[s] (click to add your comment)