New Botnet, Ballista, Exploits Unpatched Vulnerability in TP-Link Archer Routers

A new botnet, named Ballista, is exploiting an unpatched vulnerability in TP-Link Archer routers, targeting over 6,000 devices. According to researchers at Cato CTRL, this botnet leverages a remote code execution (RCE) flaw, listed as CVE-2023-1389 with a CVSS score of 8.8. This vulnerability allows for unauthenticated command injection. The technical details and real-world impacts of this threat are still being assessed.