A critical zero-day vulnerability affecting GoCloud routers, which allows pre-authentication remote code execution (RCE), has been listed for sale on the dark web. This vulnerability enables attackers to gain full control of affected devices without requiring user authentication, posing serious security risks to networks using these routers.
The sale of this exploit highlights the pressing need for effective vulnerability management and prompt security updates in IoT and networking devices. Organizations are urged to assess their systems and implement necessary patches to protect against potential attacks.