DarkCrystal RAT aka DCRat – Active IOCs

February 6, 2025

NJRAT – Active IOCs

February 6, 2025

CVE-2025-25246 – NETGEAR XR1000, XR1000v2, and XR500 Vulnerability

February 6, 2025

Severity

High

Analysis Summary

CVE-2025-25246

A remote code execution vulnerability affects NETGEAR XR1000, XR1000v2, and XR500 routers running specific firmware versions. This vulnerability allows unauthenticated users to execute arbitrary code on the affected devices remotely.

Impact

Code Execution

Indicators of Compromise

CVE

CVE-2025-25246

Affected Vendors

NETGEAR

Affected Products

NETGEAR XR1000
NETGEAR XR1000v2
NETGEAR XR500

Remediation

Refer to NETGEAR Security Advisory for patch, upgrade, or suggested workaround information.

NETGEAR Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

TeamViewer Windows Flaw Allows File Deletion as SYSTEM

Silver Fox Exploits Google Translate for Malware Attacks – Active IOCs

Multiple TP-Link TL-WR841N Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

DarkCrystal RAT aka DCRat – Active IOCs

NJRAT – Active IOCs

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation