The impacted products include routers, IP cameras, DVRs, and smart TVs.
Nearly four years after Mirai first demonstrated how ordinary Internet-connected devices could be turned into remotely controlled attack systems, variants of the malware continue to surface with troubling regularity.
This week, researchers from Trend Micro discovered a brand-new Mirai variant designed to exploit a set of previously disclosed vulnerabilities in routers, IP cameras, DVRs, and other products from multiple vendors, including Comtrend, D-Link, MV Power, Symantec, and AVTech.
Among the nine vulnerabilities the malware can exploit is a remote code execution flaw in a router model from Comtrend (CVE-2020-10173) that gives attackers a way to take control of the network managed by the router. Until this point, only proof-of-concept code for exploiting the flaw — first disclosed in March — had been available.
Source: Dark Reading