Authors of a new botnet are targeting connected devices affected by critical-level vulnerabilities, some of them impacting network security devices. The attacks are still active and use publicly available exploits, sometimes only a few hours after being published. Exploit code for at least ten vulnerabilities has been leveraged so far, the latest being added over the weekend. Among them is VisualDoor, the exploit for a remote command injection vulnerability in SonicWall SSL-VPN devices that the maker says they fixed years ago.
Source: https://www.bleepingcomputer.com/news/security/new-botnet-targets-network-security-devices-with-critical-exploits/