Posted by malvuln on Jun 04
Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/464d7073f884b586b17950eef2908a6e.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.NerTe.772
Vulnerability: Authentication Bypass RCE
Description: The malware listens on TCP ports 21, 80 and drops an
executable named “scanregs.exe” under Windows dir. Third-party attackers
who can reach infected systems…
– Read More – Full Disclosure