{"id":128888,"date":"2023-06-23T01:46:56","date_gmt":"2023-06-23T08:46:56","guid":{"rendered":"https:\/\/unit42.paloaltonetworks.com\/?p=128888"},"modified":"2024-07-30T18:11:15","modified_gmt":"2024-07-31T01:11:15","slug":"mirai-variant-targets-iot-exploits","status":"publish","type":"post","link":"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/","title":{"rendered":"\u6c88\u9ed9\u306eIoT: \u8907\u6570\u306eIoT\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u60aa\u7528\u3059\u308b\u6700\u65b0Mirai\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306e\u89e3\u5256"},"content":{"rendered":"<h2><a id=\"post-128888-_4lt92rr5muov\"><\/a>\u6982\u8981<\/h2>\n<p>Unit 42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f2023\u5e743\u6708\u4ee5\u964d\u3001\u8105\u5a01\u30a2\u30af\u30bf\u30fc\u304c\u8907\u6570\u306eIoT\u30c7\u30d0\u30a4\u30b9\u306e\u8106\u5f31\u6027\u3092\u5229\u7528\u3057\u3001Mirai\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306e\u4e9c\u7a2e\u3092\u62e1\u6563\u3057\u3066\u3044\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u3066\u3044\u307e\u3059\u3002\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3055\u308c\u3066\u3044\u305f\u8106\u5f31\u6027\u306f\u4ee5\u4e0b\u306e\u8868\u306e\u901a\u308a\u3067\u3059\u3002<\/p>\n<table style=\"width: 94.0771%; height: 816px;\">\n<tbody>\n<tr style=\"height: 24px;\">\n<td style=\"width: 31.3343%; text-align: center; height: 24px;\"><b>CVE\/\u88fd\u54c1<\/b><\/td>\n<td style=\"width: 94.9026%; text-align: center; height: 24px;\"><b>\u8aac\u660e<\/b><\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 31.3343%; height: 24px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-12725\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2019-12725<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 24px;\"><span style=\"font-weight: 400;\">Zeroshell\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 31.3343%; height: 48px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-17621\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2019-17621<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 48px;\"><span style=\"font-weight: 400;\">D-Link DIR-859\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 31.3343%; height: 48px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-20500\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2019-20500<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 48px;\"><span style=\"font-weight: 400;\">D-Link DWL-2600AP\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9 \u5b9f\u884c\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 31.3343%; height: 24px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-25296\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2021-25296<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 24px;\"><span style=\"font-weight: 400;\">Nagios XI\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 31.3343%; height: 48px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-46422\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2021-46422<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 48px;\"><span style=\"font-weight: 400;\">Telesquare SDT-CW3B1\u30eb\u30fc\u30bf\u30fc\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 31.3343%; height: 24px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-27002\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2022-27002<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 24px;\"><span style=\"font-weight: 400;\">Arris TR3300\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 31.3343%; height: 24px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-29303\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2022-29303<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 24px;\"><span style=\"font-weight: 400;\">SolarView Compact\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 31.3343%; height: 24px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-30023\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2022-30023<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 24px;\"><span style=\"font-weight: 400;\">Tenda HG9\u30eb\u30fc\u30bf\u30fc\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 31.3343%; height: 24px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-30525\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2022-30525<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 24px;\"><span style=\"font-weight: 400;\">Zyxel\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 31.3343%; height: 24px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-31499\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2022-31499<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 24px;\"><span style=\"font-weight: 400;\">Nortek Linear eMerge\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 31.3343%; height: 48px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-37061\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2022-37061<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 48px;\"><span style=\"font-weight: 400;\">FLIR AX8\u306e\u672a\u8a8d\u8a3c\u306eOS\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 31.3343%; height: 48px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-40005\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2022-40005<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 48px;\"><span style=\"font-weight: 400;\">Intelbras WiFiber 120 AC inMesh\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 31.3343%; height: 48px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-45699\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2022-45699<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 48px;\"><span style=\"font-weight: 400;\">APsystems ECU-R\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 31.3343%; height: 48px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-1389\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2023-1389<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 48px;\"><span style=\"font-weight: 400;\">TP-Link Archer\u30eb\u30fc\u30bf\u30fc\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 31.3343%; height: 48px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-25280\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2023-25280<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 48px;\"><span style=\"font-weight: 400;\">D-link DIR820LA1_FW105B03\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 31.3343%; height: 24px;\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-27240\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CVE-2023-27240<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 24px;\"><span style=\"font-weight: 400;\">Tenda AX3\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 31.3343%; height: 24px;\"><a href=\"https:\/\/www.kerneronsec.com\/2016\/02\/remote-code-execution-in-cctv-dvrs-of.html\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">CCTV\/DVR<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 24px;\"><span style=\"font-weight: 400;\">CCTV\/DVR\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c<\/span><\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 31.3343%; height: 48px;\"><a href=\"https:\/\/www.exploit-db.com\/exploits\/42114\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">EnGenius EnShare<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 48px;\"><span style=\"font-weight: 400;\">EnGenius EnShare\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 31.3343%; height: 48px;\"><a href=\"https:\/\/www.rapid7.com\/db\/modules\/exploit\/linux\/http\/mvpower_dvr_shell_exec\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">MVPower DVR<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 48px;\"><span style=\"font-weight: 400;\">MVPower DVR \u30b7\u30a7\u30eb\u306e\u672a\u8a8d\u8a3c\u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 48px;\">\n<td style=\"width: 31.3343%; height: 48px;\"><a href=\"https:\/\/seclists.org\/bugtraq\/2013\/Jun\/8\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Netgear DGN1000<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 48px;\"><span style=\"font-weight: 400;\">Netgear DGN1000\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 31.3343%; height: 24px;\"><a href=\"https:\/\/ssd-disclosure.com\/ssd-advisory-vacron-nvr-remote-command-execution\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Vacron NVR<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 24px;\"><span style=\"font-weight: 400;\">Vacron NVR\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027<\/span><\/td>\n<\/tr>\n<tr style=\"height: 24px;\">\n<td style=\"width: 31.3343%; height: 24px;\"><a href=\"https:\/\/www.f5.com\/labs\/articles\/threat-intelligence\/brickerbot-do-good-intentions-justify-the-meansor-deliver-meaningful-results\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">MediaTek WiMAX<\/span><\/a><\/td>\n<td style=\"width: 94.9026%; height: 24px;\"><span style=\"font-weight: 400;\">MediaTek WiMAX\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>\u8105\u5a01\u30a2\u30af\u30bf\u30fc\u306f\u3001\u4fb5\u5bb3\u3057\u305f\u30c7\u30d0\u30a4\u30b9\u3092\u5b8c\u5168\u306b\u5236\u5fa1\u4e0b\u306b\u304a\u304d\u3001\u305d\u308c\u3089\u306e\u30c7\u30d0\u30a4\u30b9\u3092\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306b\u7d44\u307f\u8fbc\u3080\u80fd\u529b\u3092\u6301\u3063\u3066\u3044\u307e\u3059\u3002\u3053\u308c\u3089\u306e\u30c7\u30d0\u30a4\u30b9\u306f\u305d\u306e\u5f8c\u3001\u5206\u6563\u578b\u30b5\u30fc\u30d3\u30b9\u62d2\u5426(DDoS)\u653b\u6483\u306a\u3069\u3001\u3055\u3089\u306a\u308b\u653b\u6483\u306e\u5b9f\u884c\u306b\u4f7f\u7528\u3055\u308c\u307e\u3059\u3002<\/p>\n<p>\u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u306e<a href=\"https:\/\/www.paloaltonetworks.jp\/network-security\/next-generation-firewall\" target=\"_blank\" rel=\"noopener\">\u6b21\u4e16\u4ee3\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u88fd\u54c1<\/a>\u3092\u304a\u4f7f\u3044\u306e\u304a\u5ba2\u69d8\u306f\u3001<a href=\"https:\/\/www.paloaltonetworks.com\/network-security\/smart-devices-smarter-iot-security?utm_source=google-jg-amer-cdss&amp;utm_medium=paid_search&amp;utm_term=palo%20alto%20networks%20iot%20security&amp;utm_campaign=google-cdss-iot_security-amer-ca-awareness-en&amp;utm_content=gs-19633824690-151442986731-646705931499&amp;sfdcid=7014u000001hHCRAA2&amp;gclid=EAIaIQobChMI1Lm26OmS_QIVQUNyCh1G3gKWEAAYASAAEgJ3KvD_BwE\" target=\"_blank\" rel=\"noopener\">IoT Security<\/a>\u3001<a href=\"https:\/\/www.paloaltonetworks.jp\/network-security\/advanced-threat-prevention\" target=\"_blank\" rel=\"noopener\">Advanced Threat Prevention<\/a>\u3001<a href=\"https:\/\/www.paloaltonetworks.com\/network-security\/advanced-wildfire\" target=\"_blank\" rel=\"noopener\">WildFire<\/a>\u3001<a href=\"https:\/\/www.paloaltonetworks.jp\/network-security\/advanced-url-filtering\" target=\"_blank\" rel=\"noopener\">Advanced URL Filtering<\/a>\u306a\u3069\u306e<a href=\"https:\/\/www.paloaltonetworks.jp\/network-security\/security-subscriptions\" target=\"_blank\" rel=\"noopener\">\u30af\u30e9\u30a6\u30c9\u63d0\u4f9b\u578b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 \u30b5\u30fc\u30d3\u30b9<\/a>\u3067\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8 \u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3084\u30de\u30eb\u30a6\u30a7\u30a2\u3092\u691c\u51fa\u30fb\u30d6\u30ed\u30c3\u30af\u3059\u308b\u3053\u3068\u306b\u3088\u308b\u4fdd\u8b77\u3092\u53d7\u3051\u3066\u3044\u307e\u3059\u3002<\/p>\n<table style=\"width: 100%; height: 24px;\">\n<thead>\n<tr style=\"height: 24px;\">\n<td style=\"width: 35%; height: 24px;\"><b>\u95a2\u9023\u3059\u308bUnit 42\u306e\u30c8\u30d4\u30c3\u30af<\/b><\/td>\n<td style=\"width: 100%; height: 24px;\"><a href=\"https:\/\/unit42.paloaltonetworks.jp\/tag\/IoT-ja\/\" target=\"_blank\" rel=\"noopener\"><b>IoT<\/b><\/a>, <strong><a href=\"https:\/\/unit42.paloaltonetworks.jp\/tag\/mirai-ja\/\" target=\"_blank\" rel=\"noopener\">Mirai<\/a>, <a href=\"https:\/\/unit42.paloaltonetworks.jp\/tag\/botnet-ja\/\" target=\"_blank\" rel=\"noopener\">botnet<\/a><\/strong><\/td>\n<\/tr>\n<\/thead>\n<\/table>\n<h2><a id=\"post-128888-_f71ef7pn9gyw\"><\/a>\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306e\u5206\u6790<\/h2>\n<p>2023\u5e743\u670814\u65e5\u3001Unit 42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f\u3001\u5f0a\u793e\u8105\u5a01\u30cf\u30f3\u30c6\u30a3\u30f3\u30b0 \u30b7\u30b9\u30c6\u30e0\u304b\u3089\u3001<span style=\"font-family: 'courier new', courier, monospace;\">185.44.81[.]114<\/span>\u3092\u767a\u4fe1\u5143\u3068\u3059\u308b\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8 \u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3092\u78ba\u8a8d\u3057\u307e\u3057\u305f\u3002\u3053\u306e\u8105\u5a01\u30a2\u30af\u30bf\u30fc\u306f\u3001\u30b7\u30a7\u30eb \u30b9\u30af\u30ea\u30d7\u30c8 \u30c0\u30a6\u30f3\u30ed\u30fc\u30c0\u30fc\u3092<span style=\"font-family: 'courier new', courier, monospace;\">y<\/span>\u3068\u3044\u3046\u30d5\u30a1\u30a4\u30eb\u540d\u3067<span style=\"font-family: 'courier new', courier, monospace;\">hxxp:\/\/zvub[.]us\/<\/span>\u304b\u3089\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u3088\u3046\u3068\u3057\u3066\u3044\u307e\u3057\u305f\u3002<\/p>\n<p>\u5b9f\u884c\u3055\u308c\u308b\u3068\u3001\u3053\u306e\u30b7\u30a7\u30eb \u30b9\u30af\u30ea\u30d7\u30c8 \u30c0\u30a6\u30f3\u30ed\u30fc\u30c0\u30fc\u306f\u3001\u7570\u306a\u308bLinux\u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\u306b\u5bfe\u5fdc\u3059\u308b\u305f\u3081\u306b\u3001\u4ee5\u4e0b\u306e\u30dc\u30c3\u30c8 \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u3066\u5b9f\u884c\u3057\u307e\u3059\u3002<\/p>\n<ul>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">hxxp:\/\/185.225.74[.]251\/armv4l<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">hxxp:\/\/185.225.74[.]251\/armv5l<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">hxxp:\/\/185.225.74[.]251\/armv6l<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">hxxp:\/\/185.225.74[.]251\/armv7l<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">hxxp:\/\/185.225.74[.]251\/mips<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">hxxp:\/\/185.225.74[.]251\/mipsel<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">hxxp:\/\/185.225.74[.]251\/sh4<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">hxxp:\/\/185.225.74[.]251\/x86_64<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">hxxp:\/\/185.225.74[.]251\/i686<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">hxxp:\/\/185.225.74[.]251\/i586<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">hxxp:\/\/185.225.74[.]251\/arc<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">hxxp:\/\/185.225.74[.]251\/m68k<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">hxxp:\/\/185.225.74[.]251\/sparc<\/span><\/li>\n<\/ul>\n<p>\u30dc\u30c3\u30c8 \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u3092\u5b9f\u884c\u5f8c\u3001\u3053\u306e\u30b7\u30a7\u30eb \u30b9\u30af\u30ea\u30d7\u30c8 \u30c0\u30a6\u30f3\u30ed\u30fc\u30c0\u30fc\u306f\u3001\u75d5\u8de1\u3092\u6d88\u3059\u305f\u3081\u306b\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306e\u5b9f\u884c\u53ef\u80fd\u30d5\u30a1\u30a4\u30eb\u3092\u524a\u9664\u3057\u307e\u3059\u3002<\/p>\n<p>Unit 42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u30de\u30eb\u30a6\u30a7\u30a2\u3092\u30db\u30b9\u30c8\u3057\u3066\u3044\u308b\u30c9\u30e1\u30a4\u30f3\u306e\u5206\u6790\u3092\u884c\u3063\u305f\u3068\u3053\u308d\u3001\u30c9\u30e1\u30a4\u30f3<span style=\"font-family: 'courier new', courier, monospace;\">zvub[.]us<\/span>\u306b\u306f\u5bfe\u5fdc\u3059\u308bIP\u30a2\u30c9\u30ec\u30b9\u304c2\u3064\u3042\u308b\u3053\u3068\u304c\u5224\u660e\u3057\u307e\u3057\u305f\u3002<\/p>\n<ul>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">185.44.81[.]114<\/span> (2022\u5e748\u670815\u65e5\u304b\u30892023\u5e743\u670824\u65e5\u307e\u3067)<\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">185.225.74[.]251<\/span> (2023\u5e743\u670825\u65e5\u4ee5\u964d)<\/li>\n<\/ul>\n<p>\u904e\u53bb\u306b\u9061\u3063\u3066\u5fb9\u5e95\u7684\u306a\u5206\u6790\u3092\u884c\u3063\u305f\u3068\u3053\u308d\u30012022\u5e7410\u67086\u65e5\u4ee5\u964d\u3001<span style=\"font-family: 'courier new', courier, monospace;\">185.44.81[.]114<\/span>\u304b\u3089\u306etelnet\u30d6\u30eb\u30fc\u30c8 \u30d5\u30a9\u30fc\u30b9\u8a66\u884c\u3068\u30012023\u5e743\u670814\u65e5\u4ee5\u964d\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u8a66\u884c\u306b\u6c17\u3065\u304d\u307e\u3057\u305f\u3002<\/p>\n<p>Unit 42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f\u307e\u305f\u30012023\u5e744\u670811\u65e5\u4ee5\u964d\u3001IP\u30a2\u30c9\u30ec\u30b9<span style=\"font-family: 'courier new', courier, monospace;\">193.32.162[.]189<\/span>\u3092\u767a\u4fe1\u5143\u3068\u3059\u308b\u5225\u306e\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306b\u3082\u6c17\u4ed8\u304d\u307e\u3057\u305f(\u56f31)\u3002\u3053\u306e\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306f\u3001\u540c\u3058\u30b7\u30a7\u30eb \u30b9\u30af\u30ea\u30d7\u30c8 \u30c0\u30a6\u30f3\u30ed\u30fc\u30c0\u30fc\u3092<span style=\"font-family: 'courier new', courier, monospace;\">zvub[.]us<\/span>\u304b\u3089\u914d\u4fe1\u3059\u308b\u3082\u306e\u3067\u3057\u305f\u3002\u5206\u6790\u306e\u7d50\u679c\u3001\u4ee5\u4e0b\u306e\u7406\u7531\u304b\u3089\u3001\u3053\u308c\u30892\u3064\u306e\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306f\u540c\u4e00\u8105\u5a01\u30a2\u30af\u30bf\u30fc\u306b\u3088\u308b\u30aa\u30da\u30ec\u30fc\u30b7\u30e7\u30f3\u3068\u8003\u3048\u3089\u308c\u307e\u3059\u3002<\/p>\n<ul>\n<li>\u3053\u308c\u30892\u3064\u306e\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306f\u540c\u4e00\u306e\u30a4\u30f3\u30d5\u30e9\u3092\u5171\u6709\u3057\u3066\u3044\u308b<\/li>\n<li>\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306e\u30b5\u30f3\u30d7\u30eb\u304c\u307b\u307c\u4e00\u81f4\u3057\u3066\u3044\u308b<\/li>\n<\/ul>\n<figure id=\"attachment_128827\" aria-describedby=\"caption-attachment-128827\" style=\"width: 900px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128828 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/chart-3-ja.png\" alt=\"\u753b\u50cf1\u306f\u30012022\u5e7410\u6708\u301c2023\u5e745\u6708\u306e\u8106\u5f31\u6027\u3068\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u8a66\u884c\u306e\u30b0\u30e9\u30d5\u3067\u3059\u3002\u6700\u3082\u591a\u3044\u306e\u306f2023\u5e745\u6708\u306e924\u4ef6\u3067\u3001\u6b21\u306b\u591a\u3044\u306e\u304c2023\u5e744\u6708\u306e821\u4ef6\u3067\u3059\u3002\" width=\"900\" height=\"518\" \/><figcaption id=\"caption-attachment-128827\" class=\"wp-caption-text\">\u56f31. \u8106\u5f31\u6027\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u8a66\u884c\u6570<\/figcaption><\/figure>\n<p>\u56f32\u306b\u3053\u306e\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306e\u6982\u8981\u3092\u793a\u3057\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128829\" aria-describedby=\"caption-attachment-128829\" style=\"width: 900px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128830 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-2-1-ja.png\" alt=\"\u753b\u50cf2\u306f\u3053\u306e\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306e\u6982\u8981\u306e\u30bf\u30a4\u30e0\u30e9\u30a4\u30f3\u3067\u3059\u3002\u653b\u6483\u5143\u3067\u3042\u308bIP\u30a2\u30c9\u30ec\u30b9\u304b\u3089\u59cb\u307e\u3063\u3066\u3001\u65b0\u305f\u306a\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u542b\u3080\u3059\u3079\u3066\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u304c\u4e00\u89a7\u306b\u306a\u3063\u3066\u3044\u307e\u3059\u3002\u671f\u9593\u306f2022\u5e748\u6708\u4e2d\u65ec\u304b\u30892023\u5e745\u67081\u65e5\u307e\u3067\u3067\u3059\u3002\" width=\"900\" height=\"372\" \/><figcaption id=\"caption-attachment-128829\" class=\"wp-caption-text\">\u56f32. \u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306e\u6982\u8981\u56f3<\/figcaption><\/figure>\n<h2><a id=\"post-128888-_wven14kmgum2\"><\/a>\u30de\u30eb\u30a6\u30a7\u30a2\u306e\u5206\u6790<\/h2>\n<p>\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3055\u308c\u305f\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8 \u30af\u30e9\u30a4\u30a2\u30f3\u30c8 \u30b5\u30f3\u30d7\u30eb\u306e\u5206\u6790\u4e2d\u3001Unit 42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u89b3\u6e2c\u3057\u305f\u6319\u52d5\u3084\u30d1\u30bf\u30fc\u30f3\u304b\u3089\u3059\u308b\u3068\u3001\u3053\u306e\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8 \u30b5\u30f3\u30d7\u30eb\u306fMirai\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306e\u4e9c\u7a2e\u3068\u8003\u3048\u3089\u308c\u307e\u3059\u3002<\/p>\n<p>\u5b9f\u884c\u3059\u308b\u3068\u3001\u3053\u306e\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8 \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306f\u30b3\u30f3\u30bd\u30fc\u30eb\u306b<span style=\"font-family: 'courier new', courier, monospace;\">listening tun0<\/span>\u3068\u8868\u793a\u3057\u307e\u3059\u3002\u307e\u305f\u3053\u306e\u30de\u30eb\u30a6\u30a7\u30a2\u306f\u3001\u540c\u3058\u30c7\u30d0\u30a4\u30b9\u4e0a\u3067\u5b9f\u884c\u3055\u308c\u308b\u81ea\u8eab\u306e\u30de\u30eb\u30a6\u30a7\u30a2 \u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u30921\u3064\u3060\u3051\u306b\u3059\u308b\u6a5f\u80fd\u3092\u6301\u3063\u3066\u3044\u307e\u3059\u3002\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8 \u30d7\u30ed\u30bb\u30b9\u304c\u3059\u3067\u306b\u5b58\u5728\u3057\u3066\u3044\u308b\u5834\u5408\u3001\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8 \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306f\u5b9f\u884c\u4e2d\u306e\u30d7\u30ed\u30bb\u30b9\u3092\u7d42\u4e86\u3055\u305b\u3001\u65b0\u305f\u306a\u30d7\u30ed\u30bb\u30b9\u3092\u958b\u59cb\u3057\u307e\u3059\u3002<\/p>\n<p>\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8 \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306e\u69cb\u6210\u7528\u6587\u5b57\u5217\u306b\u3064\u3044\u3066\u3044\u3048\u3070\u3001\u3053\u306eMirai\u306e\u4e9c\u7a2e\u306f(<a href=\"https:\/\/unit42.paloaltonetworks.jp\/mirai-variant-iz1h9\/\">IZ1H9<\/a>\u3084<a href=\"https:\/\/unit42.paloaltonetworks.jp\/mirai-variant-v3g4\/\">V3G4<\/a>\u3068\u540c\u69d8\u306b)\u307e\u305a\u6697\u53f7\u5316\u3055\u308c\u305f\u6587\u5b57\u5217\u30c6\u30fc\u30d6\u30eb\u3092\u521d\u671f\u5316\u3057\u3001\u6b21\u306b\u30a4\u30f3\u30c7\u30c3\u30af\u30b9\u3092\u4ecb\u3057\u3066\u6587\u5b57\u5217\u3092\u53d6\u5f97\u3057\u307e\u3059\u3002\u305f\u3060\u3057\u3001\u3053\u306e\u4e9c\u7a2e\u306f(\u56f33\u306b\u793a\u3057\u305f\u3088\u3046\u306b)\u30a4\u30f3\u30c7\u30c3\u30af\u30b9\u3092\u4ecb\u3057\u3066<span style=\"font-family: 'courier new', courier, monospace;\">.rodata<\/span>\u30bb\u30af\u30b7\u30e7\u30f3\u306e\u6697\u53f7\u5316\u3055\u308c\u305f\u6587\u5b57\u5217\u306b\u76f4\u63a5\u30a2\u30af\u30bb\u30b9\u3057\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128831\" aria-describedby=\"caption-attachment-128831\" style=\"width: 541px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128831 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-3-1.png\" alt=\"\u753b\u50cf3\u306f\u3001Mirai\u4e9c\u7a2e\u304c\u69cb\u6210\u7528\u306e\u6587\u5b57\u5217\u3092\u53d6\u5f97\u3059\u308b\u3088\u3046\u3059\u3092\u793a\u3057\u305f\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u8d64\u3044\u67a0\u3067\u30cf\u30a4\u30e9\u30a4\u30c8\u3057\u3066\u3044\u307e\u3059\u3002\" width=\"541\" height=\"469\" \/><figcaption id=\"caption-attachment-128831\" class=\"wp-caption-text\">\u56f33. Mirai\u4e9c\u7a2e\u304c\u69cb\u6210\u7528\u6587\u5b57\u5217\u3092\u53d6\u5f97\u3057\u3066\u3044\u308b\u3068\u3053\u308d<\/figcaption><\/figure>\n<p>\u306a\u304a\u3001<a href=\"https:\/\/unit42.paloaltonetworks.jp\/mirai-variant-iz1h9\/\">IZ1H9<\/a>\u3084<a href=\"https:\/\/unit42.paloaltonetworks.jp\/mirai-variant-v3g4\/\">V3G4<\/a>\u3068\u3044\u3063\u305fMirai\u4e9c\u7a2e\u306e\u5834\u5408\u3001\u69cb\u6210\u306b\u306f\u3053\u306e\u4e9c\u7a2e\u306e\u30d6\u30e9\u30f3\u30c1\u540d\u3092\u793a\u3059\u6587\u5b57\u5217(\u305f\u3068\u3048\u3070<span style=\"font-family: 'courier new', courier, monospace;\">\/bin\/busybox<\/span> <span style=\"font-family: 'courier new', courier, monospace;\">IZ1H9<\/span>\uff09\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u304c\u3001\u3053\u306e\u4e9c\u7a2e\u306b\u306f\u30d6\u30e9\u30f3\u30c1\u540d\u304c\u306a\u3044\u70b9\u306b\u3054\u6ce8\u610f\u304f\u3060\u3055\u3044\u3002<\/p>\n<p>\u69cb\u6210\u306e\u5fa9\u53f7\u306e\u305f\u3081\u306b\u3001\u3053\u306eMirai\u4e9c\u7a2e\u306f\u307e\u305a\u30c6\u30fc\u30d6\u30eb\u306e\u9375<span style=\"font-family: 'courier new', courier, monospace;\">0xDEADBEEF<\/span>\u3092\u4f7f\u3063\u30661\u30d0\u30a4\u30c8\u306e\u69cb\u6210\u5fa9\u53f7\u9375<span style=\"font-family: 'courier new', courier, monospace;\">0x22<\/span>\u3092\u751f\u6210\u3057\u3001\u6b21\u306b\u6697\u53f7\u5316\u3055\u308c\u305f\u69cb\u6210\u306b\u5bfe\u3057\u3066\u3001\u4ee5\u4e0b\u306e\u30d0\u30a4\u30c8\u5358\u4f4d\u306e\u6f14\u7b97\u3067XOR\u5fa9\u53f7\u3092\u5b9f\u884c\u3057\u307e\u3059\uff1a<\/p>\n<p style=\"padding-left: 40px;\"><span style=\"font-family: 'courier new', courier, monospace;\">encrypted_char ^ 0x22 = decrypted_char<\/span><\/p>\n<p>\u5206\u6790\u4e2d\u3001Unit 42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f\u3001\u3053\u306eMirai\u30b5\u30f3\u30d7\u30eb\u306b\u306ftelnet\/SSH\u30ed\u30b0\u30a4\u30f3 \u30af\u30ec\u30c7\u30f3\u30b7\u30e3\u30eb\u3092\u30d6\u30eb\u30fc\u30c8 \u30d5\u30a9\u30fc\u30b9\u3057\u3066\u8106\u5f31\u6027\u3092\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3059\u308b\u6a5f\u80fd\u304c\u542b\u307e\u308c\u3066\u3044\u306a\u3044\u3053\u3068\u306b\u6c17\u3065\u304d\u307e\u3057\u305f\u3002\u3064\u307e\u308a\u3053\u306e\u4e9c\u7a2e\u306e\u62e1\u6563\u7528\u30c1\u30e3\u30f3\u30cd\u30eb\u306f\u3001\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8 \u30aa\u30da\u30ec\u30fc\u30bf\u30fc\u306e\u624b\u52d5\u306b\u3088\u308b\u8106\u5f31\u6027\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u8a66\u884c\u306e\u307f\u3068\u3044\u3046\u3053\u3068\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<h2><a id=\"post-128888-_2an8ryq91inv\"><\/a>\u7d50\u8ad6<\/h2>\n<p>\u3044\u305f\u308b\u3068\u3053\u308d\u3067IoT\u30c7\u30d0\u30a4\u30b9\u306e\u666e\u53ca\u30c8\u30ec\u30f3\u30c9\u304c\u7d9a\u3044\u3066\u3044\u307e\u3059\u304c\u3001\u3053\u308c\u3089\u306e\u30c7\u30d0\u30a4\u30b9\u3092\u53d6\u308a\u5dfb\u304f\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3078\u306e\u6839\u5f37\u3044\u61f8\u5ff5\u306f\u7121\u8996\u3067\u304d\u306a\u3044\u3082\u306e\u3068\u306a\u3063\u3066\u3044\u307e\u3059\u30022016\u5e74\u306b\u767a\u898b\u3055\u308c\u305fMirai\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306e\u30a2\u30af\u30c6\u30a3\u30d3\u30c6\u30a3\u306f\u73fe\u5728\u3082\u307e\u3060\u898b\u3089\u308c\u307e\u3059\u3002\u8105\u5a01\u30a2\u30af\u30bf\u30fc\u304cIoT\u30c7\u30d0\u30a4\u30b9\u3092\u3082\u3066\u306f\u3084\u3059\u5927\u304d\u306a\u7406\u7531\u306f\u3001\u305d\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4e0a\u306e\u6b20\u9665\u306b\u3042\u308a\u307e\u3059\u3002<\/p>\n<p>IoT\u30c7\u30d0\u30a4\u30b9\u3092\u6a19\u7684\u3068\u3059\u308b\u3053\u308c\u3089\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c\u8106\u5f31\u6027\u306f\u3001\u60aa\u7528\u306e\u5bb9\u6613\u3055\u3068\u5f71\u97ff\u5ea6\u306e\u5927\u304d\u3055\u304c\u3042\u3044\u307e\u3063\u3066\u8105\u5a01\u30a2\u30af\u30bf\u30fc\u306b\u3068\u3063\u3066\u306f\u9b45\u529b\u306e\u3042\u308b\u6a19\u7684\u3068\u306a\u3063\u3066\u304a\u308a\u3001\u7d50\u679c\u3068\u3057\u3066\u305d\u308c\u3089\u306e\u8105\u5a01\u304b\u3089IoT\u30c7\u30d0\u30a4\u30b9\u3092\u4fdd\u8b77\u3059\u308b\u3053\u3068\u304c\u55ab\u7dca\u306e\u8ab2\u984c\u3068\u306a\u3063\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u3053\u3046\u3057\u305f\u8105\u5a01\u306b\u5bfe\u6297\u3059\u308b\u305f\u3081\u3001\u53ef\u80fd\u306a\u304b\u304e\u308a\u30d1\u30c3\u30c1\u3084\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u9069\u7528\u3059\u308b\u3053\u3068\u304c\u5f37\u304f\u63a8\u5968\u3055\u308c\u307e\u3059\u3002<\/p>\n<p>\u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u306e\u304a\u5ba2\u69d8\u306f\u3001\u4ee5\u4e0b\u306e\u88fd\u54c1\u3068\u30b5\u30fc\u30d3\u30b9\u306b\u3088\u308a\u3001\u3053\u308c\u3089\u306e\u8106\u5f31\u6027\u3084\u30de\u30eb\u30a6\u30a7\u30a2\u304b\u3089\u306e\u4fdd\u8b77\u3092\u53d7\u3051\u3066\u3044\u307e\u3059\u3002<\/p>\n<ul>\n<li>Threat Prevention\u30b5\u30d6\u30b9\u30af\u30ea\u30d7\u30b7\u30e7\u30f3\u3092\u6709\u52b9\u306b\u3057\u3066\u3044\u308b\u6b21\u4e16\u4ee3\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u3092\u3001\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u306b\u5f93\u3063\u3066\u8a2d\u5b9a\u3057\u3066\u3044\u308b\u5834\u5408\u3001Threat Prevention\u30b7\u30b0\u30cd\u30c1\u30e3\u30fc(<a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=30760\">30760<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=37073\">37073<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=37752\">37752<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=54659\">54659<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=54553\">54553<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=54537\">54537<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=54619\">54619<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=58706\">58706<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=57437\">57437<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=55795\">55795<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=57191\">57191<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=90873\">90873<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=92611\">92611<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=93863\">93863<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=92626\">92626<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=92714\">92714<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=93859\">93859<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=92579\">92579<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=93044\">93044<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=93283\">93283<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=93587\">93587<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=93872\">93872<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=93749\">93749<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=93874\">93874<\/a>, <a href=\"https:\/\/threatvault.paloaltonetworks.com\/?query=93973\">93973<\/a>)\u3092\u4ecb\u3057\u3066\u653b\u6483\u3092\u963b\u6b62\u3067\u304d\u307e\u3059\u3002<\/li>\n<li><a href=\"https:\/\/www.paloaltonetworks.jp\/network-security\/advanced-threat-prevention\">Advanced Threat Prevention<\/a>\u306f\u3001\u30a4\u30f3\u30e9\u30a4\u30f3\u6a5f\u68b0\u5b66\u7fd2\u30d9\u30fc\u30b9\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u691c\u51fa\u6a5f\u80fd\u3092\u5099\u3048\u3001\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8 \u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3092\u30ea\u30a2\u30eb\u30bf\u30a4\u30e0\u306b\u691c\u51fa\u3067\u304d\u307e\u3059\u3002<\/li>\n<li><a href=\"https:\/\/www.paloaltonetworks.jp\/products\/secure-the-network\/wildfire\">WildFire<\/a>\u306f\u9759\u7684\u30b7\u30b0\u30cd\u30c1\u30e3\u30fc\u691c\u51fa\u306b\u3088\u308a\u540c\u30de\u30eb\u30a6\u30a7\u30a2\u3092\u963b\u6b62\u3057\u307e\u3059\u3002<\/li>\n<li><a href=\"https:\/\/www.paloaltonetworks.jp\/network-security\/advanced-url-filtering\">Advanced URL Filtering<\/a>\u3068<a href=\"https:\/\/www.paloaltonetworks.jp\/network-security\/dns-security\">DNS Security<\/a>\u306f\u3001C2\u30c9\u30e1\u30a4\u30f3\u3084\u30de\u30eb\u30a6\u30a7\u30a2\u3092\u30db\u30b9\u30c8\u3057\u3066\u3044\u308bURL\u3092\u30d6\u30ed\u30c3\u30af\u3067\u304d\u307e\u3059\u3002<\/li>\n<li>\u5f0a\u793e\u306eIoT Security\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u306f\u3001\u30cd\u30c3\u30c8\u30ef\u30fc\u30af \u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u60c5\u5831\u3092\u4f7f\u3063\u3066\u3001\u30c7\u30d0\u30a4\u30b9 \u30d9\u30f3\u30c0\u30fc\u3001\u30e2\u30c7\u30eb\u3001\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u3092\u7279\u5b9a\u3057\u3001\u524d\u8ff0\u306eCVE\u306b\u5bfe\u3057\u3066\u8106\u5f31\u306a\u7279\u5b9a\u30c7\u30d0\u30a4\u30b9\u3092\u8b58\u5225\u3067\u304d\u307e\u3059\u3002<\/li>\n<li>\u3055\u3089\u306b\u3001<a href=\"https:\/\/www.paloaltonetworks.jp\/network-security\/iot-security\">IoT Security<\/a>\u306b\u306f\u6a5f\u68b0\u5b66\u7fd2\u30d9\u30fc\u30b9\u306e\u30a2\u30ce\u30de\u30ea\u30fc(\u7570\u5e38)\u691c\u77e5\u6a5f\u80fd\u304c\u7d44\u307f\u8fbc\u307e\u308c\u3066\u304a\u308a\u3001\u30c7\u30d0\u30a4\u30b9\u304c\u4ee5\u4e0b\u306e\u3088\u3046\u306a\u5e73\u6642\u3068\u7570\u306a\u308b\u6319\u52d5\u3092\u793a\u3057\u305f\u5834\u5408\u306b\u306f\u30e6\u30fc\u30b6\u30fc\u306b\u30a2\u30e9\u30fc\u30c8\u304c\u9001\u3089\u308c\u307e\u3059\u3002\n<ul>\n<li>\u65b0\u305f\u306a\u63a5\u7d9a\u5143\u304b\u3089\u306e\u5510\u7a81\u306a\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306e\u51fa\u73fe<\/li>\n<li>\u63a5\u7d9a\u6570\u306e\u7570\u5e38\u306a\u591a\u3055<\/li>\n<li>IoT\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u30da\u30a4\u30ed\u30fc\u30c9\u306b\u3088\u304f\u898b\u3089\u308c\u308b\u7279\u5b9a\u306e\u5c5e\u6027\u306e\u4e0d\u53ef\u89e3\u306a\u6025\u5897<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>\u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u306f\u3001\u30d5\u30a1\u30a4\u30eb \u30b5\u30f3\u30d7\u30eb\u3084IoC(\u4fb5\u5bb3\u6307\u6a19)\u3092\u3075\u304f\u3080\u8abf\u67fb\u7d50\u679c\u3092Cyber Threat Alliance (CTA: \u30b5\u30a4\u30d0\u30fc\u8105\u5a01\u30a2\u30e9\u30a4\u30a2\u30f3\u30b9)\u306e\u30e1\u30f3\u30d0\u30fc\u3068\u5171\u6709\u3057\u307e\u3057\u305f\u3002CTA \u306e\u30e1\u30f3\u30d0\u30fc\u306f\u3053\u306e\u30a4\u30f3\u30c6\u30ea\u30b8\u30a7\u30f3\u30b9\u3092\u4f7f\u3063\u3066\u3001\u304a\u5ba2\u69d8\u306b\u4fdd\u8b77\u3092\u8fc5\u901f\u306b\u63d0\u4f9b\u3057\u3001\u60aa\u610f\u306e\u3042\u308b\u30b5\u30a4\u30d0\u30fc\u653b\u6483\u8005\u3092\u4f53\u7cfb\u7684\u306b\u963b\u5bb3\u3067\u304d\u307e\u3059\u3002\u8a73\u7d30\u306b\u3064\u3044\u3066\u306f<a class=\"c-link\" href=\"https:\/\/www.cyberthreatalliance.org\/\" target=\"_blank\" rel=\"noopener noreferrer\" data-sk=\"tooltip_parent\" data-stringify-link=\"https:\/\/www.cyberthreatalliance.org\/\">Cyber Threat Alliance<\/a>\u306b\u3066\u3054\u78ba\u8a8d\u304f\u3060\u3055\u3044\uff61<\/p>\n<h2><a id=\"post-128888-_v8176g40kstn\"><\/a>IoC (\u4fb5\u5bb3\u6307\u6a19)<\/h2>\n<h3><a id=\"post-128888-_iyoqpwvqf6qi\"><\/a>\u30b7\u30a7\u30eb \u30b9\u30af\u30ea\u30d7\u30c8 \u30c0\u30a6\u30f3\u30ed\u30fc\u30c0\u30fc\u306e\u30b5\u30f3\u30d7\u30eb<\/h3>\n<ul>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">888f4a852642ce70197f77e213456ea2b3cfca4a592b94647827ca45adf2a5b8<\/span><\/li>\n<\/ul>\n<h3><a id=\"post-128888-_763h15eckspk\"><\/a>Mirai\u306e\u30b5\u30f3\u30d7\u30eb<\/h3>\n<ul>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">b43a8a56c10ba17ddd6fa9a8ce10ab264c6495b82a38620e9d54d66ec8677b0c<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">b45142a2d59d16991a38ea0a112078a6ce42c9e2ee28a74fb2ce7e1edf15dce3<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">366ddbaa36791cdb99cf7104b0914a258f0c373a94f6cf869f946c7799d5e2c6<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">413e977ae7d359e2ea7fe32db73fa007ee97ee1e9e3c3f0b4163b100b3ec87c2<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">2d0c8ab6c71743af8667c7318a6d8e16c144ace8df59a681a0a7d48affc05599<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">4cb8c90d1e1b2d725c2c1366700f11584f5697c9ef50d79e00f7dd2008e989a0<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">461f59a84ccb4805c4bbd37093df6e8791cdf1151b2746c46678dfe9f89ac79d<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">aed078d3e65b5ff4dd4067ae30da5f3a96c87ec23ec5be44fc85b543c179b777<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">0d404a27c2f511ea7f4adb8aa150f787b2b1ff36c1b67923d6d1c90179033915<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">eca42235a41dbd60615d91d564c91933b9903af2ef3f8356ec4cfff2880a2f19<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">3f427eda4d4e18fb192d585fca1490389a1b5f796f88e7ebf3eceec51018ef4d<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">aaf446e4e7bfc05a33c8d9e5acf56b1c7e95f2d919b98151ff2db327c333f089<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">4f53eb7fbfa5b68cad3a0850b570cbbcb2d4864e62b5bf0492b54bde2bdbe44b<\/span><\/li>\n<\/ul>\n<h3><a id=\"post-128888-_6wew3cuhgk7k\"><\/a>\u30a4\u30f3\u30d5\u30e9<\/h3>\n<ul>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">zvub[.]us<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">185.225.74[.]251<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">185.44.81[.]114<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">193.32.162[.]189<\/span><\/li>\n<\/ul>\n<h2><a id=\"post-128888-_570cbe1pdhwx\"><\/a>\u8ffd\u52a0\u30ea\u30bd\u30fc\u30b9<\/h2>\n<ul>\n<li><a href=\"https:\/\/www.zerodayinitiative.com\/blog\/2023\/4\/21\/tp-link-wan-side-vulnerability-cve-2023-1389-added-to-the-mirai-botnet-arsenal\" target=\"_blank\" rel=\"noopener\">TP-Link WAN-SIDE Vulnerability CVE-2023-1389 Added to the Mirai Botnet Arsenal<\/a> - Zero Day Initiative<\/li>\n<li><a href=\"https:\/\/unit42.paloaltonetworks.jp\/unit42-finds-new-mirai-gafgyt-iotlinux-botnet-campaigns\/\" target=\"_blank\" rel=\"noopener\">Mirai\u3068Gafgyt\u306e\u65b0\u305f\u306aIoT\/Linux\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u653b\u6483\u30ad\u30e3\u30f3\u30da\u30fc\u30f3<br \/>\n<\/a> - \u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9 Unit 42<\/li>\n<li><a href=\"https:\/\/unit42.paloaltonetworks.jp\/unit42-multi-exploit-iotlinux-botnets-mirai-gafgyt-target-apache-struts-sonicwall\" target=\"_blank\" rel=\"noopener\">\u8907\u6570\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u304c\u7d44\u307f\u8fbc\u307e\u308c\u305fIoT\/Linux\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8Mirai\u3001Gafgyt\u304cApache Struts\u3001SonicWall\u3092\u72d9\u3046<\/a> - \u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9 Unit 42<\/li>\n<li><a href=\"https:\/\/unit42.paloaltonetworks.jp\/mirai-variant-iz1h9\/\" target=\"_blank\" rel=\"noopener\">\u65b0\u3057\u3044\u74f6\u306b\u53e4\u3044\u9152: Mirai\u4e9c\u7a2e\u304c\u8907\u6570\u306eIoT\u30c7\u30d0\u30a4\u30b9\u3092\u6a19\u7684\u306b<br \/>\n<\/a> - \u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9 Unit 42<\/li>\n<li><a href=\"https:\/\/unit42.paloaltonetworks.jp\/mirai-variant-v3g4\/\" target=\"_blank\" rel=\"noopener\">IoT\u30c7\u30d0\u30a4\u30b9\u3092\u72d9\u3046Mirai\u306e\u4e9c\u7a2e\u300cV3G4\u300d<\/a> - \u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9 Unit 42<\/li>\n<\/ul>\n<h2><a id=\"post-128888-_yx22q2dfuwix\"><\/a>\u4ed8\u9332<\/h2>\n<p>\u5f53\u8a72\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306b\u95a2\u9023\u3059\u308b\u8106\u5f31\u6027\u60c5\u5831\u3092\u4ee5\u4e0b\u306b\u307e\u3068\u3081\u307e\u3059\u3002<\/p>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-12725\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2019-12725<\/strong><\/a><strong>: Zeroshell\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u60aa\u610f\u306e\u3042\u308b\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e743\u670814\u65e5\u306b\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306e\u4e00\u90e8\u3068\u3057\u3066\u521d\u3081\u3066\u691c\u51fa\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027\u306f\u3001Zeroshell\u306e<span style=\"font-family: 'courier new', courier, monospace;\">kerbynet<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u3067<span style=\"font-family: 'courier new', courier, monospace;\">x509type<\/span>\u306e\u5024\u3092\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3057\u3066\u3044\u306a\u3044\u3053\u3068\u306b\u8d77\u56e0\u3057\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128833\" aria-describedby=\"caption-attachment-128833\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128833 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-4-1.png\" alt=\"\u753b\u50cf4\u306f\u3001Zeroshell\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3089\u308c\u3066\u3044\u307e\u3059\u3002\" width=\"678\" height=\"136\" \/><figcaption id=\"caption-attachment-128833\" class=\"wp-caption-text\">\u56f34. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fCVE-2019-12725\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-17621\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2019-17621<\/strong><\/a><strong>: D-Link DIR-859\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e745\u67081\u65e5\u306b\u6355\u6349\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306fD-Link\u306e\u30ef\u30a4\u30e4\u30ec\u30b9 \u30eb\u30fc\u30bf\u30fc\u306e<span style=\"font-family: 'courier new', courier, monospace;\">\/gena.cgi<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306b\u5b58\u5728\u3059\u308b\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u3092\u6a19\u7684\u3068\u3057\u307e\u3059\u3002\u3053\u306e\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306f\u3001<span style=\"font-family: 'courier new', courier, monospace;\">service<\/span>\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u306e\u30e6\u30fc\u30b6\u30fc\u5165\u529b\u3092\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3057\u3066\u3044\u307e\u305b\u3093\u3002\u3053\u306e\u7d50\u679c\u3001\u4efb\u610f\u306e\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128835\" aria-describedby=\"caption-attachment-128835\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128835 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-5-1.png\" alt=\"\u753b\u50cf5\u306f\u3001D-Link DIR-859\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u3092\u793a\u3059\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u307e\u3059\u3002 \" width=\"678\" height=\"124\" \/><figcaption id=\"caption-attachment-128835\" class=\"wp-caption-text\">\u56f35. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fCVE-2019-17621\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-20500\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2019-20500<\/strong><\/a><strong>: D-Link DWL-2600AP\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306f2023\u5e744\u670811\u65e5\u306b\u691c\u51fa\u3055\u308c\u307e\u3057\u305f\u3002D-Link\u306e\u30ef\u30a4\u30e4\u30ec\u30b9 \u30eb\u30fc\u30bf\u30fc\u306e<span style=\"font-family: 'courier new', courier, monospace;\">admin.cgi<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306f\u3001\u30e6\u30fc\u30b6\u30fc\u304b\u3089\u306e\u5165\u529b\u30c7\u30fc\u30bf\u3092\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3057\u3066\u304a\u3089\u305a\u3001\u305d\u308c\u304c\u539f\u56e0\u3067\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306b\u3064\u306a\u304c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128837\" aria-describedby=\"caption-attachment-128837\" style=\"width: 591px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128837 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-6-1.png\" alt=\"\u753b\u50cf6\u306f\u3001D-Link DWL-2600AP\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u307e\u3059\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306b\u3088\u308a\u3001\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002 \" width=\"591\" height=\"184\" \/><figcaption id=\"caption-attachment-128837\" class=\"wp-caption-text\">\u56f36. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fCVE-2019-20500\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-25296\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2021-25296<\/strong><\/a><strong>: Nagios XI\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e744\u670811\u65e5\u306b\u89b3\u6e2c\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306f\u3001Nagios XI\u30c7\u30d0\u30a4\u30b9\u306e<span style=\"font-family: 'courier new', courier, monospace;\">\/nagiosxi\/config\/monitoringwizard.php<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u3092\u6a19\u7684\u3068\u3057\u307e\u3059\u3002\u5165\u529b\u691c\u8a3c\u304c\u4e0d\u5341\u5206\u3067\u3042\u308b\u3053\u3068\u304c\u308f\u304b\u3063\u305f\u5834\u5408\u3001\u653b\u6483\u8005\u306f\u3053\u306e\u8106\u5f31\u6027\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306b\u3088\u308a\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u653b\u6483\u3092\u3057\u304b\u3051\u3089\u308c\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128839\" aria-describedby=\"caption-attachment-128839\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128839 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-7-1.png\" alt=\"\u753b\u50cf7\u306f\u3001Nagios XI\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u307e\u3059\u3002\u3053\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u306f\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8 \u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306e\u3082\u306e\u3067\u3059\u3002 \" width=\"678\" height=\"184\" \/><figcaption id=\"caption-attachment-128839\" class=\"wp-caption-text\">\u56f37 \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fCVE-2021-25296\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-46422\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2021-46422<\/strong><\/a><strong>: Telesquare SDT-CW3B1\u30eb\u30fc\u30bf\u30fc\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u60aa\u8cea\u306a\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e743\u670814\u65e5\u306b\u521d\u3081\u3066\u691c\u51fa\u3055\u308c\u307e\u3057\u305f\u3002Telesquare\u30eb\u30fc\u30bf\u30fc\u306e<span style=\"font-family: 'courier new', courier, monospace;\">cgi-bin\/admin.cgi<\/span>\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\u306b\u304a\u3051\u308b<span style=\"font-family: 'courier new', courier, monospace;\">cmd<\/span>\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u306e\u5024\u306f\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3055\u308c\u3066\u304a\u3089\u305a\u3001\u3053\u308c\u304c\u539f\u56e0\u3067\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u304c\u751f\u3058\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128841\" aria-describedby=\"caption-attachment-128841\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128841 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-8-1.png\" alt=\"\u753b\u50cf8\u306f\u3001Telesquare SDT-CW3B1\u30eb\u30fc\u30bf\u30fc\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u3053\u306e\u56f3\u306f\u60aa\u8cea\u306a\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3001\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u3059\u3002\u91cd\u8981\u306a\u500b\u6240\u306fcgi-bin\u306e\u30b3\u30de\u30f3\u30c9 \u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u3067\u3059\u3002 \" width=\"678\" height=\"121\" \/><figcaption id=\"caption-attachment-128841\" class=\"wp-caption-text\">\u56f38. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fCVE-2021-46422\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-27002\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2022-27002<\/strong><\/a><strong>: Arris TR3300\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e744\u670814\u65e5\u306b\u6355\u6349\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306fArris TR3300\u306e<span style=\"font-family: 'courier new', courier, monospace;\">user.cgi<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306b\u5b58\u5728\u3059\u308b\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u3092\u6a19\u7684\u3068\u3057\u307e\u3059\u3002\u3053\u306e\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306f\u3001<span style=\"font-family: 'courier new', courier, monospace;\">DDNS_HOST<\/span>\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u306e\u30e6\u30fc\u30b6\u30fc\u5165\u529b\u3092\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3057\u3066\u3044\u307e\u305b\u3093\u3002\u3053\u308c\u304c\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306b\u3064\u306a\u304c\u308a\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128843\" aria-describedby=\"caption-attachment-128843\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128843 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-9-1.png\" alt=\"\u753b\u50cf9\u306f\u3001Arris TR3300\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8 \u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u307e\u3059\u3002\u5f71\u97ff\u3092\u53d7\u3051\u308b\u90e8\u5206\u306fuser.cgi\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306e\u4e00\u90e8\u3067\u3059\u3002 \" width=\"678\" height=\"166\" \/><figcaption id=\"caption-attachment-128843\" class=\"wp-caption-text\">\u56f39. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fCVE-2022-27002\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-29303\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2022-29303<\/strong><\/a><strong>: SolarView Compact\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306f2023\u5e743\u670815\u65e5\u306b\u691c\u51fa\u3055\u308c\u307e\u3057\u305f\u3002SolarView Compact\u306e<span style=\"font-family: 'courier new', courier, monospace;\">confi_mail.php<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306f\u30e6\u30fc\u30b6\u30fc\u304b\u3089\u306e\u5165\u529b\u30c7\u30fc\u30bf\u3092\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3057\u3066\u304a\u3089\u305a\u3001\u305d\u308c\u304c\u539f\u56e0\u3067\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306b\u3064\u306a\u304c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128845\" aria-describedby=\"caption-attachment-128845\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128845 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-10-1.png\" alt=\"\u753b\u50cf10\u306f\u3001SolarView Compact\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002Host\u3001Origin\u3001Referer\u306f\u3059\u3079\u3066\u4f0f\u305b\u3066\u3042\u308a\u307e\u3059\u3002 \" width=\"678\" height=\"244\" \/><figcaption id=\"caption-attachment-128845\" class=\"wp-caption-text\">\u56f310. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fCVE-2022-29303\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-30023\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2022-30023<\/strong><\/a><strong>: Tenda HG9 \u30eb\u30fc\u30bf\u30fc\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e743\u670814\u65e5\u306b\u89b3\u6e2c\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306fTenda HG9\u30eb\u30fc\u30bf\u30fc\u306e<span style=\"font-family: 'courier new', courier, monospace;\">\/boaform\/formPing<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u3092\u6a19\u7684\u306b\u3057\u3066\u3044\u307e\u3059\u3002\u5165\u529b\u691c\u8a3c\u304c\u4e0d\u5341\u5206\u3067\u3042\u308b\u3053\u3068\u304c\u308f\u304b\u3063\u305f\u5834\u5408\u3001\u653b\u6483\u8005\u306f\u3053\u306e\u8106\u5f31\u6027\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306b\u3088\u308a\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c\u653b\u6483\u3092\u3057\u304b\u3051\u3089\u308c\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128847\" aria-describedby=\"caption-attachment-128847\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128847 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-11-1.png\" alt=\"\u753b\u50cf11\u306f\u3001Tenda HG9\u30eb\u30fc\u30bf\u30fc\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u307e\u3059\u3002\u3053\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u306f\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8 \u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306e\u3082\u306e\u3067\u3059\u3002 \" width=\"678\" height=\"172\" \/><figcaption id=\"caption-attachment-128847\" class=\"wp-caption-text\">\u56f311 \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fCVE-2022-30023\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-30525\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2022-30525<\/strong><\/a><strong>: Zyxel\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u60aa\u8cea\u306a\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e743\u670814\u65e5\u306b\u521d\u3081\u3066\u691c\u51fa\u3055\u308c\u307e\u3057\u305f\u3002Zyxel\u306e<span style=\"font-family: 'courier new', courier, monospace;\">\/cgi-bin\/handler<\/span>\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\u306b\u304a\u3051\u308b<span style=\"font-family: 'courier new', courier, monospace;\">mtu<\/span>\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u306e\u5024\u306f\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3055\u308c\u3066\u304a\u3089\u305a\u3001\u3053\u308c\u304c\u539f\u56e0\u3067\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u304c\u751f\u3058\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128849\" aria-describedby=\"caption-attachment-128849\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128849 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-12-1.png\" alt=\"\u753b\u50cf12\u306f\u3001Zyxel\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u307e\u3059\u3002\u5f71\u97ff\u3092\u53d7\u3051\u308b\u5834\u6240\u306fcgi-bin\u306emtg\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u3067\u3059\u3002 \" width=\"678\" height=\"188\" \/><figcaption id=\"caption-attachment-128849\" class=\"wp-caption-text\">\u56f312. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fCVE-2022-30525\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-31499\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2022-31499<\/strong><\/a><strong>: Nortek Linear eMerge\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e745\u67081\u65e5\u306b\u6355\u6349\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306fNortek Linear eMerge\u30c7\u30d0\u30a4\u30b9\u306e<span style=\"font-family: 'courier new', courier, monospace;\">card_scan.php<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306b\u5b58\u5728\u3059\u308b\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u3092\u6a19\u7684\u3068\u3057\u307e\u3059\u3002\u3053\u306e\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306f\u3001<span style=\"font-family: 'courier new', courier, monospace;\">ReaderNo<\/span>\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u306e\u30e6\u30fc\u30b6\u30fc\u5165\u529b\u3092\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3057\u3066\u3044\u307e\u305b\u3093\u3002\u3053\u308c\u304c\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306b\u3064\u306a\u304c\u308a\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128851\" aria-describedby=\"caption-attachment-128851\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128851 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-13-1.png\" alt=\"\u753b\u50cf13\u306fNortek Linear eMerge\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u307e\u3059\u3002\u3053\u306e\u60aa\u7528\u306fPHP\u30b3\u30fc\u30c9\u306b\u5f71\u97ff\u3057\u307e\u3059\u3002\" width=\"678\" height=\"120\" \/><figcaption id=\"caption-attachment-128851\" class=\"wp-caption-text\">\u56f313. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fCVE-2022-31499\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2022-37061\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2022-37061<\/strong><\/a><strong>: FLIR AX8 \u306e\u672a\u8a8d\u8a3cOS\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306f2023\u5e745\u67081\u65e5\u306b\u691c\u51fa\u3055\u308c\u307e\u3057\u305f\u3002FLIR AX8\u30c7\u30d0\u30a4\u30b9\u306e<span style=\"font-family: 'courier new', courier, monospace;\">res.php<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306f\u30e6\u30fc\u30b6\u30fc\u304b\u3089\u306e\u5165\u529b\u30c7\u30fc\u30bf\u3092\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3057\u3066\u304a\u3089\u305a\u3001\u3053\u308c\u304cOS\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306b\u3064\u306a\u304c\u308b\u3053\u3068\u306b\u3088\u3063\u3066\u6a5f\u80fd\u3057\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128853\" aria-describedby=\"caption-attachment-128853\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128853 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-14-1.png\" alt=\"\u753b\u50cf14\u306fFLIR AX8\u306e\u672a\u8a8d\u8a3cOS\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u307e\u3059\u3002\" width=\"678\" height=\"178\" \/><figcaption id=\"caption-attachment-128853\" class=\"wp-caption-text\">\u56f314 \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fCVE-2022-37061\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-40005\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2022-40005<\/strong><\/a><strong>: Intelbras WiFiber 120AC inMesh\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e743\u670815\u65e5\u306b\u89b3\u6e2c\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306f\u3001Intelbras WiFiber\u30c7\u30d0\u30a4\u30b9\u306e<span style=\"font-family: 'courier new', courier, monospace;\">\/boaform\/formPing6<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u3092\u6a19\u7684\u3068\u3057\u307e\u3059\u3002\u5165\u529b\u691c\u8a3c\u304c\u4e0d\u5341\u5206\u3067\u3042\u308b\u3053\u3068\u304c\u308f\u304b\u3063\u305f\u5834\u5408\u3001\u653b\u6483\u8005\u306f\u3053\u306e\u8106\u5f31\u6027\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306b\u3088\u308a\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u653b\u6483\u3092\u3057\u304b\u3051\u3089\u308c\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128855\" aria-describedby=\"caption-attachment-128855\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128855 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-15-1.png\" alt=\"\u753b\u50cf15\u306f\u3001Intelbras WiFiber 120AC inMesh\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u3053\u306e\u56f3\u306f\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8 \u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3001\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u3059\u3002 \" width=\"678\" height=\"161\" \/><figcaption id=\"caption-attachment-128855\" class=\"wp-caption-text\">\u56f315. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fCVE-2022-40005\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-45699\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2022-45699<\/strong><\/a><strong>: APsystems ECU-R\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u60aa\u8cea\u306a\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e744\u670812\u65e5\u306b\u521d\u3081\u3066\u691c\u51fa\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027\u306f\u3001<span style=\"font-family: 'courier new', courier, monospace;\">\/management\/set_timezone<\/span>\u306e<span style=\"font-family: 'courier new', courier, monospace;\">timezone<\/span>\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u306e\u5024\u3092\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3057\u3066\u3044\u306a\u3044\u3053\u3068\u306b\u8d77\u56e0\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128857\" aria-describedby=\"caption-attachment-128857\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128857 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-16-1.png\" alt=\"\u753b\u50cf16\u306f\u3001APsystems ECU-R\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u3053\u306e\u56f3\u306f\u60aa\u8cea\u306a\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3001\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u3059\u3002 \" width=\"678\" height=\"85\" \/><figcaption id=\"caption-attachment-128857\" class=\"wp-caption-text\">\u56f316. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fCVE-2022-45699\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-1389\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2023-1389<\/strong><\/a><strong>: TP-Link Archer \u30eb\u30fc\u30bf\u30fc\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e744\u670812\u65e5\u306b\u6355\u6349\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306fTP-Link Archer\u30eb\u30fc\u30bf\u30fc\u306e<span style=\"font-family: 'courier new', courier, monospace;\">cgi-bin\/luci<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306b\u5b58\u5728\u3059\u308b\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u3092\u6a19\u7684\u3068\u3057\u307e\u3059\u3002\u3053\u306e\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306f\u3001<span style=\"font-family: 'courier new', courier, monospace;\">country<\/span>\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u306e\u30e6\u30fc\u30b6\u30fc\u5165\u529b\u3092\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3057\u3066\u3044\u307e\u305b\u3093\u3002\u3053\u306e\u7d50\u679c\u3001\u4efb\u610f\u306e\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128859\" aria-describedby=\"caption-attachment-128859\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128859 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-17-1.png\" alt=\"\u753b\u50cf17\u306f\u3001TP-Link Archer\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8 \u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3001\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u3059\u3002 \" width=\"678\" height=\"180\" \/><figcaption id=\"caption-attachment-128859\" class=\"wp-caption-text\">\u56f317. \u91ce\u751f\u306eCVE-2023-1389\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-25280\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2023-25280<\/strong><\/a><strong>: D-Link DIR820LA1_FW105B03\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306f2023\u5e744\u670811\u65e5\u306b\u691c\u51fa\u3055\u308c\u307e\u3057\u305f\u3002D-Link\u30c7\u30d0\u30a4\u30b9\u306e<span style=\"font-family: 'courier new', courier, monospace;\">\/ping.ccp<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306f\u30e6\u30fc\u30b6\u30fc\u304b\u3089\u306e\u5165\u529b\u30c7\u30fc\u30bf\u3092\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3057\u3066\u304a\u3089\u305a\u3001\u3053\u308c\u304c\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u306b\u3064\u306a\u304c\u308b\u3053\u3068\u3067\u6a5f\u80fd\u3057\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128861\" aria-describedby=\"caption-attachment-128861\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128861 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-18-1.png\" alt=\"\u753b\u50cf18\u306f\u3001D-Link DIR820LA1_FW105B03\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u3053\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u306f\u3001Host\u3001Origin\u3001Referrer\u3092\u4f0f\u305b\u3066\u3044\u307e\u3059\u3002\" width=\"678\" height=\"279\" \/><figcaption id=\"caption-attachment-128861\" class=\"wp-caption-text\">\u56f318. \u91ce\u751f\u306eCVE-2023-25280\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-27240\" target=\"_blank\" rel=\"noopener\"><strong>CVE-2023-27076<\/strong><\/a><strong>: Tenda AX3\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027<\/strong><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e744\u670812\u65e5\u306b\u89b3\u6e2c\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306fTenda AX3\u30eb\u30fc\u30bf\u30fc\u306e<span style=\"font-family: 'courier new', courier, monospace;\">\/goform\/AdvSetLanip<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u3092\u6a19\u7684\u306b\u3057\u3066\u3044\u307e\u3059\u3002\u5165\u529b\u691c\u8a3c\u304c\u4e0d\u5341\u5206\u3067\u3042\u308b\u3053\u3068\u304c\u308f\u304b\u3063\u305f\u5834\u5408\u3001\u653b\u6483\u8005\u306f\u3053\u306e\u8106\u5f31\u6027\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306b\u3088\u308a\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u653b\u6483\u3092\u3057\u304b\u3051\u3089\u308c\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128863\" aria-describedby=\"caption-attachment-128863\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128863 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-19-1.png\" alt=\"\u753b\u50cf19\u306f\u3001Tenda AX3\u306e\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8 \u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u5185\u306e\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u3059\u3002 \" width=\"678\" height=\"179\" \/><figcaption id=\"caption-attachment-128863\" class=\"wp-caption-text\">\u56f319 \u91ce\u751f\u306eCVE-2023-27240\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/community.broadcom.com\/symantecenterprise\/viewthread?MessageKey=098d8b01-0638-45cc-9261-99076b39d424&amp;CommunityKey=dc76b213-82a9-4676-ac30-f50188193ccc&amp;tab=digestviewer\" target=\"_blank\" rel=\"noopener\"><strong>CCTV\/DVR\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c<\/strong><\/a><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e743\u670814\u65e5\u306b\u691c\u51fa\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306f\u8907\u6570\u306eCCTV\/DVR\u30c7\u30d0\u30a4\u30b9\u306e<span style=\"font-family: 'courier new', courier, monospace;\">\/language<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306b\u304a\u3051\u308b\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c\u3092\u6a19\u7684\u3068\u3057\u307e\u3059\u3002\u3053\u306e\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306fHTTP\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u306e\u5024\u3092\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3057\u3066\u3044\u307e\u305b\u3093\u3002<\/p>\n<figure id=\"attachment_128865\" aria-describedby=\"caption-attachment-128865\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128865 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-20-1.png\" alt=\"\u753b\u50cf20\u306fCCTV\/DVR\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8 \u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u5185\u306e\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u3059\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306f\/language\u3092\u6a19\u7684\u306b\u3057\u307e\u3059\u3002 \" width=\"678\" height=\"148\" \/><figcaption id=\"caption-attachment-128865\" class=\"wp-caption-text\">\u56f320. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fCCTV\/DVR\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/www.broadcom.com\/support\/security-center\/attacksignatures\/detail?asid=30364\" target=\"_blank\" rel=\"noopener\"><strong>EnGenius EnShare\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027<\/strong><\/a><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e744\u670812\u65e5\u306b\u691c\u51fa\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306f\u3001EnGenius EnShare\u30c7\u30d0\u30a4\u30b9\u306e<span style=\"font-family: 'courier new', courier, monospace;\">\/cgi-bin\/usbinteract.cgi<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u304c\u3001HTTP\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc<span style=\"font-family: 'courier new', courier, monospace;\">path<\/span>\u306e\u5024\u3092\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3057\u3066\u3044\u306a\u3044\u3053\u3068\u304c\u539f\u56e0\u3067\u6a5f\u80fd\u3057\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128867\" aria-describedby=\"caption-attachment-128867\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128867 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-21-1.png\" alt=\"\u753b\u50cf21\u306f\u3001EnGenius EnShare\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8 \u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002 \" width=\"678\" height=\"103\" \/><figcaption id=\"caption-attachment-128867\" class=\"wp-caption-text\">\u56f321. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fEnGenius Enshare\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/www.rapid7.com\/db\/modules\/exploit\/linux\/http\/mvpower_dvr_shell_exec\/\" target=\"_blank\" rel=\"noopener\"><strong>MVPower DVR \u30b7\u30a7\u30eb\u306e\u672a\u8a8d\u8a3c\u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027<\/strong><\/a><\/p>\n<p>\u3053\u306e\u60aa\u610f\u306e\u3042\u308b\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e744\u670811\u65e5\u306b\u6355\u6349\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306f\u3001MVPower DVR\u304c\u30e6\u30fc\u30b6\u30fc\u5165\u529b\u3092\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3057\u3066\u304a\u3089\u305a\u3001\u305d\u308c\u304c\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306b\u3064\u306a\u304c\u308b\u3053\u3068\u306b\u3088\u3063\u3066\u6a5f\u80fd\u3057\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128869\" aria-describedby=\"caption-attachment-128869\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128869 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-22-1.png\" alt=\"\u753b\u50cf22\u306f\u3001MVPower DVR Shell\u306e\u672a\u8a8d\u8a3c\u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u307e\u3059\u3002 \" width=\"678\" height=\"113\" \/><figcaption id=\"caption-attachment-128869\" class=\"wp-caption-text\">\u56f322. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fMVPower DVR\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/seclists.org\/bugtraq\/2013\/Jun\/8\" target=\"_blank\" rel=\"noopener\"><strong>Netgear DGN1000\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027<\/strong><\/a><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e743\u670814\u65e5\u306b\u88dc\u8db3\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306f\u3001Netgear DGN1000\u306e<span style=\"font-family: 'courier new', courier, monospace;\">setup.cgi<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u3092\u6a19\u7684\u306b\u3057\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306f\u3001HTTP\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc<span style=\"font-family: 'courier new', courier, monospace;\">cmd<\/span>\u306e\u5024\u3092\u9069\u5207\u306b\u30b5\u30cb\u30bf\u30a4\u30ba\u3057\u3066\u304a\u3089\u305a\u3001\u305d\u308c\u304c\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c\u306b\u3064\u306a\u304c\u308a\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128871\" aria-describedby=\"caption-attachment-128871\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128871 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-23-1.png\" alt=\"\u753b\u50cf23\u306f\u3001Netgear DGN1000\u3092\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3059\u308b\u30b3\u30de\u30f3\u30c9 \u30b3\u30fc\u30c9\u5b9f\u884c\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u5185\u306e\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u307e\u3059\u3002 \" width=\"678\" height=\"120\" \/><figcaption id=\"caption-attachment-128871\" class=\"wp-caption-text\">\u56f323. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fNetgear\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/ssd-disclosure.com\/ssd-advisory-vacron-nvr-remote-command-execution\/\" target=\"_blank\" rel=\"noopener\"><strong>Vacron NVR\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027<\/strong><\/a><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e743\u670814\u65e5\u306b\u89b3\u6e2c\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306f\u3001Vacron NVR\u30c7\u30d0\u30a4\u30b9\u306e<span style=\"font-family: 'courier new', courier, monospace;\">board.cgi<\/span>\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u3092\u6a19\u7684\u3068\u3057\u307e\u3059\u3002\u5165\u529b\u691c\u8a3c\u304c\u4e0d\u5341\u5206\u3067\u3042\u308b\u3053\u3068\u304c\u308f\u304b\u3063\u305f\u5834\u5408\u3001\u653b\u6483\u8005\u306f\u3053\u306e\u8106\u5f31\u6027\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306b\u3088\u308a\u30ea\u30e2\u30fc\u30c8 \u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u653b\u6483\u3092\u3057\u304b\u3051\u3089\u308c\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_128873\" aria-describedby=\"caption-attachment-128873\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128873 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-24-1.png\" alt=\"\u753b\u50cf24\u306f\u3001Vacron NVR\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c\u8106\u5f31\u6027\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u5185\u306e\u30db\u30b9\u30c8\u540d\u306f\u4f0f\u305b\u3066\u3042\u308a\u307e\u307e\u3059\u3002 \" width=\"678\" height=\"123\" \/><figcaption id=\"caption-attachment-128873\" class=\"wp-caption-text\">\u56f324. \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fVacron NVR\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p><a href=\"https:\/\/www.f5.com\/labs\/articles\/threat-intelligence\/brickerbot-do-good-intentions-justify-the-meansor-deliver-meaningful-results\" target=\"_blank\" rel=\"noopener\"><strong>MediaTek WiMAX\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c<\/strong><\/a><\/p>\n<p>\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u306f2023\u5e744\u670812\u65e5\u306b\u3042\u308b\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306e\u4e00\u90e8\u3068\u3057\u3066\u521d\u3081\u3066\u691c\u51fa\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027\u306f\u3001MediaTek WiMAX \u30c7\u30d0\u30a4\u30b9\u306e<span style=\"font-family: 'courier new', courier, monospace;\">user.cgi<\/span>\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\u306b\u5b58\u5728\u3059\u308b<span style=\"font-family: 'courier new', courier, monospace;\">SYSLOGD_REMOTE_HOST<\/span>\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u306e\u5024\u306e\u30b5\u30cb\u30bf\u30a4\u30ba\u304c\u9069\u5207\u306b\u884c\u308f\u308c\u3066\u3044\u306a\u3044\u3053\u3068\u306b\u3088\u308b\u3082\u306e\u3067\u3059\u3002<\/p>\n<figure id=\"attachment_128875\" aria-describedby=\"caption-attachment-128875\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img  class=\"wp-image-128875 lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2023\/06\/word-image-128774-25-1.png\" alt=\"\u753b\u50cf25\u306f\u3001MediaTek WiMAX\u306e\u30ea\u30e2\u30fc\u30c8 \u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8\u3067\u3059\u3002\" width=\"678\" height=\"149\" \/><figcaption id=\"caption-attachment-128875\" class=\"wp-caption-text\">\u56f325 \u91ce\u751f\u3067\u89b3\u6e2c\u3055\u308c\u305fMediaTek WiMAX\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>\u6982\u8981 Unit 42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f2023\u5e743\u6708\u4ee5\u964d\u3001\u8105\u5a01\u30a2\u30af\u30bf\u30fc\u304c\u8907\u6570\u306eIoT\u30c7\u30d0\u30a4\u30b9\u306e\u8106\u5f31\u6027\u3092\u5229\u7528\u3057\u3001Mirai\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306e\u4e9c\u7a2e\u3092\u62e1\u6563\u3057\u3066\u3044\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u3066\u3044\u307e\u3059\u3002\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3055\u308c\u3066\u3044\u305f\u8106\u5f31\u6027\u306f\u4ee5\u4e0b\u306e\u8868\u306e\u901a\u308a\u3067<\/p>\n","protected":false},"author":278,"featured_media":134382,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[4430,4470],"tags":[4689,5095,5097,5099,5101,5103,5105,5107,5109,5111,5113,5115,5117,5119,5121,5123,5125,4679,5127,4547],"product_categories":[4442,4443,4444,4446,4454,4456],"coauthors":[3549,836,3736,1727],"class_list":["post-128888","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trend-reports-ja","category-vulnerabilities-ja","tag-botnet-ja","tag-cve-2019-12725-ja","tag-cve-2019-17621-ja","tag-cve-2019-20500-ja","tag-cve-2021-25296-ja","tag-cve-2021-46422-ja","tag-cve-2022-27002-ja","tag-cve-2022-29303-ja","tag-cve-2022-30023-ja","tag-cve-2022-30525-ja","tag-cve-2022-31499-ja","tag-cve-2022-36266-ja","tag-cve-2022-40005-ja","tag-cve-2022-45699-ja","tag-cve-2023-1389-ja","tag-cve-2023-25280-ja","tag-cve-2023-27240-ja","tag-iot-ja","tag-iot-security-ja","tag-mirai-ja","product_categories-advanced-threat-prevention-ja","product_categories-advanced-url-filtering-ja","product_categories-advanced-wildfire-ja","product_categories-cloud-delivered-security-services-ja","product_categories-iot-security-ja","product_categories-next-generation-firewall-ja"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.0 (Yoast SEO v27.0) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>\u6c88\u9ed9\u306eIoT: \u8907\u6570\u306eIoT\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u60aa\u7528\u3059\u308b\u6700\u65b0Mirai\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306e\u89e3\u5256<\/title>\n<meta name=\"description\" content=\"Mirai\u306f\u3044\u307e\u3060\u306b\u65b0\u305f\u306a\u4e9c\u7a2e\u3092\u767b\u5834\u3055\u305b\u3066\u3044\u308b\u30a2\u30af\u30c6\u30a3\u30d6\u306a\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3067\u3059\u3002IoT\u30c7\u30d0\u30a4\u30b9\u306f\u60aa\u7528\u304c\u5bb9\u6613\u3067\u4e0e\u3048\u3046\u308b\u5f71\u97ff\u304c\u5927\u304d\u3044\u8105\u5a01\u3067\u3059\u3002\u672c\u7a3f\u3067\u306f\u3053\u306eMirai\u306b\u3088\u308bIoT\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u53d6\u308a\u4e0a\u3052\u307e\u3059\u3002\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/\" \/>\n<meta property=\"og:locale\" content=\"ja_JP\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u6c88\u9ed9\u306eIoT: \u8907\u6570\u306eIoT\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u60aa\u7528\u3059\u308b\u6700\u65b0Mirai\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306e\u89e3\u5256\" \/>\n<meta property=\"og:description\" content=\"Mirai\u306f\u3044\u307e\u3060\u306b\u65b0\u305f\u306a\u4e9c\u7a2e\u3092\u767b\u5834\u3055\u305b\u3066\u3044\u308b\u30a2\u30af\u30c6\u30a3\u30d6\u306a\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3067\u3059\u3002IoT\u30c7\u30d0\u30a4\u30b9\u306f\u60aa\u7528\u304c\u5bb9\u6613\u3067\u4e0e\u3048\u3046\u308b\u5f71\u97ff\u304c\u5927\u304d\u3044\u8105\u5a01\u3067\u3059\u3002\u672c\u7a3f\u3067\u306f\u3053\u306eMirai\u306b\u3088\u308bIoT\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u53d6\u308a\u4e0a\u3052\u307e\u3059\u3002\" \/>\n<meta property=\"og:url\" content=\"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/\" \/>\n<meta property=\"og:site_name\" content=\"Unit 42\" \/>\n<meta property=\"article:published_time\" content=\"2023-06-23T08:46:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-07-31T01:11:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/07_Security-Technology_Category_1920x900.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Chao Lei, Zhibin Zhang, Yiheng An, Cecilia Hu\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u6c88\u9ed9\u306eIoT: \u8907\u6570\u306eIoT\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u60aa\u7528\u3059\u308b\u6700\u65b0Mirai\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306e\u89e3\u5256","description":"Mirai\u306f\u3044\u307e\u3060\u306b\u65b0\u305f\u306a\u4e9c\u7a2e\u3092\u767b\u5834\u3055\u305b\u3066\u3044\u308b\u30a2\u30af\u30c6\u30a3\u30d6\u306a\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3067\u3059\u3002IoT\u30c7\u30d0\u30a4\u30b9\u306f\u60aa\u7528\u304c\u5bb9\u6613\u3067\u4e0e\u3048\u3046\u308b\u5f71\u97ff\u304c\u5927\u304d\u3044\u8105\u5a01\u3067\u3059\u3002\u672c\u7a3f\u3067\u306f\u3053\u306eMirai\u306b\u3088\u308bIoT\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u53d6\u308a\u4e0a\u3052\u307e\u3059\u3002","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/","og_locale":"ja_JP","og_type":"article","og_title":"\u6c88\u9ed9\u306eIoT: \u8907\u6570\u306eIoT\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u60aa\u7528\u3059\u308b\u6700\u65b0Mirai\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306e\u89e3\u5256","og_description":"Mirai\u306f\u3044\u307e\u3060\u306b\u65b0\u305f\u306a\u4e9c\u7a2e\u3092\u767b\u5834\u3055\u305b\u3066\u3044\u308b\u30a2\u30af\u30c6\u30a3\u30d6\u306a\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3067\u3059\u3002IoT\u30c7\u30d0\u30a4\u30b9\u306f\u60aa\u7528\u304c\u5bb9\u6613\u3067\u4e0e\u3048\u3046\u308b\u5f71\u97ff\u304c\u5927\u304d\u3044\u8105\u5a01\u3067\u3059\u3002\u672c\u7a3f\u3067\u306f\u3053\u306eMirai\u306b\u3088\u308bIoT\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u53d6\u308a\u4e0a\u3052\u307e\u3059\u3002","og_url":"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/","og_site_name":"Unit 42","article_published_time":"2023-06-23T08:46:56+00:00","article_modified_time":"2024-07-31T01:11:15+00:00","og_image":[{"width":1920,"height":900,"url":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/07_Security-Technology_Category_1920x900.jpg","type":"image\/jpeg"}],"author":"Chao Lei, Zhibin Zhang, Yiheng An, Cecilia Hu","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/#article","isPartOf":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/"},"author":{"name":"Zhibin Zhang","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/ef2736b38e39c269e59b3d79094883da"},"headline":"\u6c88\u9ed9\u306eIoT: \u8907\u6570\u306eIoT\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u60aa\u7528\u3059\u308b\u6700\u65b0Mirai\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306e\u89e3\u5256","datePublished":"2023-06-23T08:46:56+00:00","dateModified":"2024-07-31T01:11:15+00:00","mainEntityOfPage":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/"},"wordCount":912,"commentCount":0,"image":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/#primaryimage"},"thumbnailUrl":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/07_Security-Technology_Category_1920x900.jpg","keywords":["botnet","CVE-2019-12725","CVE-2019-17621","CVE-2019-20500","CVE-2021-25296","CVE-2021-46422","CVE-2022-27002","CVE-2022-29303","CVE-2022-30023","CVE-2022-30525","CVE-2022-31499","CVE-2022-36266","CVE-2022-40005","CVE-2022-45699","CVE-2023-1389","CVE-2023-25280","CVE-2023-27240","IoT","IoT Security","Mirai"],"articleSection":["\u30c8\u30ec\u30f3\u30c9 \u30ec\u30dd\u30fc\u30c8","\u8106\u5f31\u6027"],"inLanguage":"ja","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/","url":"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/","name":"\u6c88\u9ed9\u306eIoT: \u8907\u6570\u306eIoT\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u60aa\u7528\u3059\u308b\u6700\u65b0Mirai\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306e\u89e3\u5256","isPartOf":{"@id":"https:\/\/unit42.paloaltonetworks.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/#primaryimage"},"image":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/#primaryimage"},"thumbnailUrl":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/07_Security-Technology_Category_1920x900.jpg","datePublished":"2023-06-23T08:46:56+00:00","dateModified":"2024-07-31T01:11:15+00:00","author":{"@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/ef2736b38e39c269e59b3d79094883da"},"description":"Mirai\u306f\u3044\u307e\u3060\u306b\u65b0\u305f\u306a\u4e9c\u7a2e\u3092\u767b\u5834\u3055\u305b\u3066\u3044\u308b\u30a2\u30af\u30c6\u30a3\u30d6\u306a\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3067\u3059\u3002IoT\u30c7\u30d0\u30a4\u30b9\u306f\u60aa\u7528\u304c\u5bb9\u6613\u3067\u4e0e\u3048\u3046\u308b\u5f71\u97ff\u304c\u5927\u304d\u3044\u8105\u5a01\u3067\u3059\u3002\u672c\u7a3f\u3067\u306f\u3053\u306eMirai\u306b\u3088\u308bIoT\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u53d6\u308a\u4e0a\u3052\u307e\u3059\u3002","breadcrumb":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/#breadcrumb"},"inLanguage":"ja","potentialAction":[{"@type":"ReadAction","target":["https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/"]}]},{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/#primaryimage","url":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/07_Security-Technology_Category_1920x900.jpg","contentUrl":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/07_Security-Technology_Category_1920x900.jpg","width":1920,"height":900,"caption":"A person's hands type on a laptop. Superimposed graphically before the screen is code appearing in three separate streams by color, before joining together in many lines."},{"@type":"BreadcrumbList","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/mirai-variant-targets-iot-exploits\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/unit42.paloaltonetworks.com\/ja\/"},{"@type":"ListItem","position":2,"name":"\u6c88\u9ed9\u306eIoT: \u8907\u6570\u306eIoT\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u60aa\u7528\u3059\u308b\u6700\u65b0Mirai\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\u306e\u89e3\u5256"}]},{"@type":"WebSite","@id":"https:\/\/unit42.paloaltonetworks.com\/#website","url":"https:\/\/unit42.paloaltonetworks.com\/","name":"Unit 42","description":"Palo Alto Networks","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/unit42.paloaltonetworks.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ja"},{"@type":"Person","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/ef2736b38e39c269e59b3d79094883da","name":"Zhibin Zhang","image":{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/image\/4ffb3c2d260a0150fb91b3715442f8b3","url":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2018\/11\/unit-news-meta.svg","contentUrl":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2018\/11\/unit-news-meta.svg","caption":"Zhibin Zhang"},"url":"https:\/\/unit42.paloaltonetworks.com\/ja\/author\/zhibin-zhang\/"}]}},"_links":{"self":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/128888","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/users\/278"}],"replies":[{"embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/comments?post=128888"}],"version-history":[{"count":6,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/128888\/revisions"}],"predecessor-version":[{"id":135974,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/128888\/revisions\/135974"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/media\/134382"}],"wp:attachment":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/media?parent=128888"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/categories?post=128888"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/tags?post=128888"},{"taxonomy":"product_categories","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/product_categories?post=128888"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/coauthors?post=128888"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}