How about an IP where some of this spam was sent from, so we can use it
for comparison to other spam and identify others affected? Provided a
link to a page that requires log in doesn't help.
Sorry for being hit. I'm sure it didn't make for a pleasant day
Richard
On 2022-10-29 12:09 p.m., Kenneth Vedder via mailop wrote:
Hi All,
We had some of our Calix 844G routers compromised by a SOCKS5
vulnerability this weekend. They were sending out spam. Calix is aware
of the compromise in their firmware. The information doesn't seem to be
posted publicly and I am a fan of open sharing of vulnerability info.
Anyone who has these routers and are in the same boat as me can login to
calix and find more information on the vulnerability at:
https://www.calix.com/bin/calix/servlets/docdownload?fileId=/content/dam/calix/doc-library/systems/prem/bulletins/gf-sb/premises_sb-22-005/Premises_SB-22-005_gc-socks5-exploit.pdf
<https://www.calix.com/bin/calix/servlets/docdownload?fileId=/content/dam/calix/doc-library/systems/prem/bulletins/gf-sb/premises_sb-22-005/Premises_SB-22-005_gc-socks5-exploit.pdf>
They plan to release a firmware fix by end of day October 31st.
Hope this message doesn't break any rules. Have a good weekend folks.
Ken
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
