New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305)


Unit 42 researchers have observed exploits in the wild for a recently disclosed command injection vulnerability affecting WebSVN, an open-source web application for browsing source code. The critical command injection vulnerability was discovered and patched in May 2021. A proof of concept was released and within a week, on June 26, 2021, attackers exploited the vulnerability to deploy variants of the Mirai DDoS malware. We strongly recommend that WebSVN users upgrade to the latest software version.

Read more…
Source:  Palo Alto