{"vulnerability": "CVE-2023-25717", "sightings": [{"uuid": "f2ed4d07-bd68-4645-bbc1-97e5dd5c6b17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "7380e4a4-05ea-4bcc-b11e-8444636685be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971817", "content": "", "creation_timestamp": "2024-12-24T20:34:25.693820Z"}, {"uuid": "6544a15b-0048-45bc-9ceb-4234f22649a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:41.000000Z"}, {"uuid": "2f66b3fd-faee-4ca6-948e-b4a5ffb0defa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:58.000000Z"}, {"uuid": "94b4123d-3913-4f58-87c9-bbc7c2cf25b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-25717", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/6af0b57b-a0d7-4c26-b727-ba346fff2936", "content": "", "creation_timestamp": "2026-02-02T12:26:59.039469Z"}, {"uuid": "3780b68d-61ea-4d92-bcd2-55ff5e8a6a0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "seen", "source": "https://t.me/GhostClanOfficial/394", "content": "CVE-2023-25717: RCE for Ruckus Wireless Admin with 9.8 rating \n\nAn old vulnerability that got a second chance with the advent of a new botnet type running through it.\n\nSearch on Netlas.io: \nLink: nt.ls/s1WYE\n\n#vulnerability_map #cybersecurity", "creation_timestamp": "2023-05-11T10:57:32.000000Z"}, {"uuid": "84a8e7d2-69fc-45d9-9b5c-908f00c5b5c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "exploited", "source": "Telegram/sxL72x8qhyKKOtQxovNzYOwjzFFqKhVTqZiHm4TbxQ5iXQ", "content": "", "creation_timestamp": "2023-05-11T10:27:41.000000Z"}, {"uuid": "7e05da8c-3236-4a50-8cc3-e635d61d3287", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "seen", "source": "https://t.me/KomunitiSiber/187", "content": "Andoryu Botnet Exploits Critical Ruckus Wireless Flaw for Widespread Attack\nhttps://thehackernews.com/2023/05/andoryu-botnet-exploits-critical-ruckus.html\n\nA nascent botnet called\u00a0Andoryu\u00a0has been found to\u00a0exploit\u00a0a now-patched critical security flaw in the Ruckus Wireless Admin panel to break into vulnerable devices.\nThe\u00a0flaw, tracked as\u00a0CVE-2023-25717\u00a0(CVSS score: 9.8), stems from improper handling of HTTP requests, leading to unauthenticated remote code execution and a complete compromise of wireless Access Point (AP) equipment.\nAndoryu was\u00a0", "creation_timestamp": "2023-05-11T09:52:42.000000Z"}, {"uuid": "83d171d8-a315-4992-addb-6cea0931624f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2963", "content": "CVE-2023-25717: RCE for Ruckus Wireless Admin with 9.8 rating \n\nAn old vulnerability that got a second chance with the advent of a new botnet type running through it.\n\nSearch on Netlas.io: \nLink: nt.ls/s1WYE\n\n#vulnerability_map #cybersecurity", "creation_timestamp": "2023-05-11T10:33:55.000000Z"}, {"uuid": "f66c074f-855a-4a09-b663-4a64c5596b39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "seen", "source": "https://t.me/lcmysecteamch/4759", "content": "CVE-2023-25717: RCE for Ruckus Wireless Admin with 9.8 rating \n\nAn old vulnerability that got a second chance with the advent of a new botnet type running through it.\n\nSearch on Netlas.io: \nLink: nt.ls/s1WYE\n\n#vulnerability_map #cybersecurity", "creation_timestamp": "2023-05-11T10:56:55.000000Z"}, {"uuid": "17ccd4d1-be9d-4749-aa54-dbcb732ffe89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "seen", "source": "https://t.me/lcmysecteamch/13497", "content": "CVE-2023-25717: RCE for Ruckus Wireless Admin with 9.8 rating \n\nAn old vulnerability that got a second chance with the advent of a new botnet type running through it.\n\nSearch on Netlas.io: \nLink: nt.ls/s1WYE\n\n#vulnerability_map #cybersecurity", "creation_timestamp": "2023-05-11T10:56:55.000000Z"}, {"uuid": "fadaf70a-c3fe-44bf-82ab-5119030ec5e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "seen", "source": "https://t.me/true_secator/4361", "content": "Fortinet \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e \u043d\u043e\u0432\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 AndoryuBot, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2023 \u0433\u043e\u0434\u0430, \u0430 \u0441 \u0430\u043f\u0440\u0435\u043b\u044f - \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Ruckus Wireless \u0434\u043b\u044f \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u0445 \u0432 DDoS-\u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a\u00a0CVE-2023-25717 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0430\u043d\u0435\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Ruckus Wireless Admin \u0432\u0435\u0440\u0441\u0438\u0438 10.4 \u0438 \u0441\u0442\u0430\u0440\u0448\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b GET \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u044b\u043b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0438\u00a0\u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d \u0435\u0449\u0435 8 \u0444\u0435\u0432\u0440\u0430\u043b\u044f 2023 \u0433\u043e\u0434\u0430, \u043e\u0434\u043d\u0430\u043a\u043e \u0434\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043d\u0435 \u043c\u043d\u043e\u0433\u0438\u0435 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u044b  \u043f\u043e\u0441\u043f\u0435\u0448\u0438\u043b\u0438 \u0438\u0445 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c, \u0430 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 EOL-\u043c\u043e\u0434\u0435\u043b\u0438 \u0432\u043e\u0432\u0441\u0435 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0417\u0430\u0440\u0430\u0436\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, AndoryuBot \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 \u0441 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u0434\u0430\u043d\u043d\u043e\u0433\u043e URL-\u0430\u0434\u0440\u0435\u0441\u0430 \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f.\n\n\u041f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0441\u0432\u044f\u0437\u044c \u0441 C2 \u043f\u043e SOCKS \u0434\u043b\u044f \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0441\u0442\u0438 \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u0432 \u0438 \u043e\u0436\u0438\u0434\u0430\u0435\u0442 \u043f\u043e\u0441\u0442\u0443\u043f\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0441 \u0443\u043a\u0430\u0437\u0430\u043d\u0438\u0435\u043c \u0442\u0438\u043f\u0430 DDoS, \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u0438 \u043d\u043e\u043c\u0435\u0440\u0430 \u043f\u043e\u0440\u0442\u0430 \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438.\n\n\u041f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 Fortinet \u043e\u0431\u0440\u0430\u0437\u0435\u0446 \u0431\u044b\u043b \u0430\u0434\u0430\u043f\u0442\u0438\u0440\u043e\u0432\u0430\u043d \u043f\u043e\u0434 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440, \u0432\u043a\u043b\u044e\u0447\u0430\u044f x86, arm, spc, m68k, mips, sh4 \u0438 mpsl \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u043b 12 \u0440\u0435\u0436\u0438\u043c\u043e\u0432 DDoS-\u0430\u0442\u0430\u043a.\n\n\u041a\u0430\u043a \u0438 \u043c\u043d\u043e\u0433\u0438\u0435 \u0434\u0440\u0443\u0433\u0438\u0435, \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u041f\u041e \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b \u0431\u043e\u0442\u043d\u0435\u0442\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f DDoS \u043d\u0430 \u0437\u0430\u043a\u0430\u0437, \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u044f \u043f\u043b\u0430\u0442\u0435\u0436\u0438 \u0432 \u043a\u0440\u0438\u043f\u0442\u0435 (XMR, BTC, ETH, USDT, CashApp).\n\n\u0417\u0430 \u0441\u0432\u043e\u0438 \u0443\u0441\u043b\u0443\u0433\u0438 \u043f\u0440\u043e\u0441\u044f\u0442 \u043e\u0442 20 \u0434\u043e 115 \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044c\u043d\u044b\u0439 \u043b\u0430\u0433 \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0438 \u043e\u0431\u044a\u0435\u043c\u0430 \u0430\u0442\u0430\u043a\u0438.\n\n\u041f\u0440\u043e\u0434\u0432\u0438\u0433\u0430\u0435\u0442\u0441\u044f Andoryu \u043d\u0430 YouTube, \u0433\u0434\u0435 \u0435\u0433\u043e \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u043a\u0440\u0430\u0441\u043e\u0447\u043d\u043e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0431\u043e\u0442\u043d\u0435\u0442\u0430.\n\n\u0414\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0435 \u043f\u0430\u0440\u043e\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0430\u043d\u0435\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u0435\u0441\u043b\u0438 \u043e\u043d \u043d\u0435 \u043e\u0441\u043e\u0431\u043e \u043d\u0443\u0436\u0435\u043d.", "creation_timestamp": "2023-05-10T14:50:57.000000Z"}, {"uuid": "5e7d9ddb-f234-40be-a93f-22cca0ad6d08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "seen", "source": "https://t.me/cibsecurity/58024", "content": "\u203c CVE-2023-25717 \u203c\n\nRuckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&amp;password=password$(curl substring.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-13T22:29:59.000000Z"}, {"uuid": "337a3c61-3bf6-428d-a4a1-32f8606b5d5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "seen", "source": "https://t.me/theninjaway1337/1371", "content": "CISA: Several Old Linux Vulnerabilities Exploited in Attacks\n\nThe US Cybersecurity and Infrastructure Security Agency (CISA) has added several Linux and Linux-related flaws to its known exploited vulnerabilities (KEV) catalog.\nThe agency\u00a0added seven new vulnerabilities\u00a0to its KEV catalog on Friday: Ruckus AP remote code execution (CVE-2023-25717), Red Hat Polkit privilege escalation (CVE-2021-3560), Linux kernel privilege escalations (CVE-2014-0196 and CVE-2010-3904), Jenkins UI information disclosure (CVE-2015-5317), Apache Tomcat remote code execution (CVE-2016-8735), and an Oracle Java SE and JRockit issue (CVE-2016-3427).\n\nhttps://www.securityweek.com/cisa-several-old-linux-vulnerabilities-exploited-in-attacks/", "creation_timestamp": "2023-05-16T15:47:20.000000Z"}, {"uuid": "69d72efc-90e8-4c82-9523-3a35dde5f006", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "exploited", "source": "https://t.me/information_security_channel/49885", "content": "AndoryuBot DDoS Botnet Exploiting Ruckus AP Vulnerability\nhttps://www.securityweek.com/andoryubot-ddos-botnet-exploiting-ruckus-ap-vulnerability/\n\nA DDoS botnet named AndoryuBot has been seen exploiting CVE-2023-25717, a recent remote code execution vulnerability affecting Ruckus access points. \nThe post AndoryuBot DDoS Botnet Exploiting Ruckus AP Vulnerability (https://www.securityweek.com/andoryubot-ddos-botnet-exploiting-ruckus-ap-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-05-09T12:59:31.000000Z"}, {"uuid": "b91179ac-812a-4be0-9be7-b66a170216bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "exploited", "source": "https://t.me/thehackernews/3344", "content": "\u26a1Warning: A nascent botnet called Andoryu is currently exploiting a critical vulnerability (CVE-2023-25717) to hijack Ruckus Wireless AP devices. \n \nLearn more at: https://thehackernews.com/2023/05/andoryu-botnet-exploits-critical-ruckus.html", "creation_timestamp": "2023-05-11T09:07:40.000000Z"}, {"uuid": "830fd3d2-9031-4b25-81b5-132fef944139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25717", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8269", "content": "#Malware_analysis\n1. AndoryuBot\nhttps://www.fortinet.com/blog/threat-research/andoryubot-new-botnet-campaign-targets-ruckus-wireless-admin-remote-code-execution-vulnerability-cve-2023-25717\n2. AsyncRAT Loader\nhttps://www.huntress.com/blog/advanced-cyberchef-tips-asyncrat-loader", "creation_timestamp": "2023-05-10T11:03:01.000000Z"}]}