Linksys/D-Link RTL819X command-injection RCE — initial-access vector for the AryStinger botnet

cve · CVE-2013-3307

Coverage timeline

first 2026-06-22 → last 2026-06-22

Briefs

1 distinct

Sources cited

5 hosts

Sections touched

—

Co-occurring entities

no co-occurrence

Story timeline

2026-06-22CTI Daily Brief — 2026-06-22

Source distribution

attack.mitre.org1 (20%)
bleepingcomputer.com1 (20%)
blog.xlab.qianxin.com1 (20%)
lumen.com1 (20%)
thehackernews.com1 (20%)

External references

NVD · cve.org · CISA KEV

All cited sources (5)

blog.xlab.qianxin.comprimaryinlineQiAnXin XLabhttps://blog.xlab.qianxin.com/arystinger-botnet-hijacks-legacy-routers-for-global-attacks-en/
source profile · cited in 2026-06-22
attack.mitre.orginlineT1190https://attack.mitre.org/techniques/T1190/
cited in 2026-06-22
bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/arystinger-botnet-infected-thousands-of-d-link-routers-worldwide/
source profile · cited in 2026-06-22
lumen.cominlineLumen Black Lotus Labs, 2026-06-10https://www.lumen.com/blog/en-us/expanded-jdy-iot-and-soho-botnet-enables-rapid-vulnerability-exploitation
cited in 2026-06-11
thehackernews.cominlineThe Hacker News, 2026-06-10https://thehackernews.com/2026/06/china-linked-jdy-botnet-expands-to-1500.html
cited in 2026-06-11

Items in briefs about Linksys/D-Link RTL819X command-injection RCE — initial-access vector for the AryStinger botnet

No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.