Vulnerability Management

Dozens of vulnerabilities targeted by massive RondoDox botnet

(Adobe Stock)

Nearly 60 security flaws impacting over 30 different devices, including routers, web servers, DVRs, and CCTV systems, have been harnessed by the newly emergent RondoDox botnet in attacks since June, reports BleepingComputer.

As part of its "exploit shotgun" strategy, RondoDox has exploited not only the TP-Link Archer AX21 Wi-Fi router vulnerability CVE-2023-1398, which was detailed at Pwn2Own Toronto 2022, but also bugs from QNAP, D-Link, Netgear, Tenda, and TOTOLINK, tracked as CVE-2023-47565, CVE-2024-10914, CVE-2025-7414, and CVE-2025-1829, respectively, according to an analysis from Trend Micro.

Exploits for 18 yet-to-be-designated command injection issues impacting D-Link network-attached storage appliances, Linksys, ASMAX, and Fiberhome routers, Brickcom cameras, and TVT and LILIN DVRs have also been harnessed by the massive botnet.

Organizations have been advised to counter the threat of RondoDox by ensuring up-to-date software, performing network segmentation, using unique and secure credentials, and isolating critical data from internet-exposed IoT devices.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds