PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices
Created on 2025-03-03 21:30, updated on 2025-03-03 21:30, by Cédric Bonhomme
French cybersecurity company Sekoia observed the unknown threat actors deploying a backdoor by leveraging CVE-2023-20118 (CVSS score: 6.5), a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers that could result in arbitrary command execution on susceptible devices.
Exploitation of CVE-2023-20118 leads to the installation of a webshell.
Meta
[
{
"ref": [
"https://blog.sekoia.io/polaredge-unveiling-an-uncovered-iot-botnet/",
"https://securityscorecard.com/wp-content/uploads/2025/02/MassiveBotnet-Report_022125_03.pdf"
]
}
]