SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Tuesday, June 24th, 2025: Ichano ATHome IP Camera Scans; Netscaler Vulnerability; WinRar Vulnerability
Jun 24, 2025
The podcast dives into alarming scans targeting Ichano AtHome IP Cameras using easily guessable credentials like 'super_yg' and '123'. A critical vulnerability, CVE-2025-5777, is discussed regarding the Citrix Netscaler Gateway, which could put a lot of users at risk if not addressed. Additionally, the hosts reveal a concerning issue with WinRAR that could lead to remote code execution due to compromised file extraction paths. Listeners are urged to take immediate action to secure their systems.
AI Snips
Chapters
Transcript
Episode notes
Ichano IP Camera Default Credentials
- Scanners used the username super_yg to target Ichano IP Camera software starting June 18th.
- This default username and password remain unchanged since a 2017 vulnerability report.
Critical Citrix NetScaler Update
- Update Citrix NetScaler Gateway immediately to patch CVE-2025-5777.
- Terminate active sessions after update; do not rely solely on rebooting devices.
WinRAR Critical Vulnerability Fix
- Install the WinRAR 7.12 beta to fix a critical remote code execution vulnerability.
- Beware crafted archives can extract files to arbitrary attacker-controlled locations.