Two newly disclosed flaws in TP-Link’s Omada and Festa VPN routers have exposed deep-seated weaknesses in the company’s firmware security.
The vulnerabilities, tracked as CVE-2025-7850 and CVE-2025-7851, were identified by researchers from Forescout’s Vedere Labs. These vulnerabilities were described as part of a recurring pattern of incomplete patching and residual debug code.
Read more…
Source: TechPro News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Two years on, Apple iOS VPNs still leak IP addresses
August 19, 2022
Apple has left a VPN bypass vulnerability in iOS unfixed for at least two years, leaving identifying IP traffic data exposed, and there’s no sign of a fix. Back in early 2020, secure mail provider ProtonMail reported a flaw in Apple’s iOS version 13.3.1 that prevented VPNs from encrypting all traffic. The issue was that the ...
- Over 9,000 VNC servers exposed online without a password
August 14, 2022
Researchers have discovered at least 9,000 exposed VNC (virtual network computing) endpoints that can be accessed and used without authentication, allowing threat actors easy access to internal networks. VNC (virtual network computing) is a platform-independent system meant to help users connect to systems that require monitoring and adjustments, offering control of a remote computer via RFB ...
- Palo Alto Networks Releases Security Update for PAN-OS
August 10, 2022
Palo Alto Networks has released a security update to address a vulnerability in PAN-OS firewall configurations. A remote attacker could exploit this vulnerability to conduct a reflected denial-of service. CISA encourages users and administrators to review the Palo Alto Networks Security Advisory CVE-2022-0028 and apply the necessary updates or workarounds. Read more… Source: U.S. Cybersecurity and Infrastructure Security ...
- New Linux malware brute-forces SSH servers to breach networks
August 4, 2022
A new botnet called ‘RapperBot’ is being used in attacks since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers to establish a foothold on the device. The researchers show that RapperBot is based on the Mirai trojan but deviates from the the original malware’s normal behavior, which is uncontrolled propagation to as many ...
- Critical RCE vulnerability impacts 29 models of DrayTek routers
August 4, 2022
Researchers at Trellix have discovered a critical unauthenticated remote code execution (RCE) vulnerability impacting 29 models of the DrayTek Vigor series of business routers. The vulnerability is tracked as CVE-2022-32548 and carries a maximum CVSS v3 severity score of 10.0, categorizing it as critical. The attacker does not need credentials or user interaction to exploit the vulnerability, ...
- Microsoft finds Raspberry Robin worm in hundreds of Windows networks
July 1, 2022
Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors. The malware, dubbed Raspberry Robin, spreads via infected USB devices, and it was first spotted in September 2021 by Red Canary intelligence analysts. Cybersecurity firm Sekoia also observed it using QNAP NAS devices as command ...