DarkCrystal RAT aka DCRat – Active IOCs

February 6, 2025

NJRAT – Active IOCs

February 6, 2025

CVE-2025-25246 – NETGEAR XR1000, XR1000v2, and XR500 Vulnerability

February 6, 2025

Severity

High

Analysis Summary

CVE-2025-25246

A remote code execution vulnerability affects NETGEAR XR1000, XR1000v2, and XR500 routers running specific firmware versions. This vulnerability allows unauthenticated users to execute arbitrary code on the affected devices remotely.

Impact

Code Execution

Indicators of Compromise

CVE

CVE-2025-25246

Affected Vendors

NETGEAR

Affected Products

NETGEAR XR1000
NETGEAR XR1000v2
NETGEAR XR500

Remediation

Refer to NETGEAR Security Advisory for patch, upgrade, or suggested workaround information.

NETGEAR Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Urgent: Chaos Ransomware Strikes US Logistics Sector

SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs

Mirai Botnet aka Katana – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

DarkCrystal RAT aka DCRat – Active IOCs

NJRAT – Active IOCs

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.