Three actively exploited security flaws impacting TP-Link Archer AX-21 routers, the Apache Log4j2 logging library, and Oracle WebLogic Servers have been added by the Cybersecurity and Infrastructure Security Agency to its Known Exploited Vulnerabilities catalog, reports The Hacker News. Mirai botnet actors have been leveraging the command injection vulnerability in TP-Link Archer AX-21, tracked as CVE-2023-1389, in attacks seeking to achieve remote command execution since April 11, while up to 74 unique IP addresses were observed by GreyNoise to have been used to exploit the RCE flaw in Apache Log4j2, tracked as CVE-2021-45046, during the past month.
Read full article on SC Magazine