Author Topic: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932  (Read 4190 times)

0 Members and 1 Guest are viewing this topic.

Offline Cards Fan in SoCal

  • Newbie
  • *
  • Posts: 5
JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
« on: November 21, 2016, 11:45:24 PM »

Originally posted on Worms and Viruses board, but posting here now, as it is a collection of mac networks.



My Netflix account has been compromised, we reset the password, and it was compromised again the next day.  The person at Netflix is concerned that the hackers are able to view our emails or getting info from our home computer network.

Using Avast, the Home Network Security Scan, complains about my router: Netgear Nighthawk 1900 having Vulnerability ID:
CVE-2015-0932, which says "User input can be executed as a command"

Looking at the Netgear user community, there was a thread from last month showing that this is a false positive.

Using the Full System Scan, it found a JS:Includer-BOC[Trj] file in the firefox downloads of one of the users on one laptop in the home network.  Another laptop on the network is scanning clean.  The third laptop on the network does not have Avast yet, and I am working on that.

How concerned should I be about these issues Avast has reported?

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31333
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
« Reply #1 on: November 22, 2016, 12:04:38 AM »
If you lookup the CVE, you will see that it is not a false threat.

Offline Cards Fan in SoCal

  • Newbie
  • *
  • Posts: 5
Re: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
« Reply #2 on: November 22, 2016, 06:49:35 AM »
So what steps do I take with the CVE issue?  Do I need a new router?

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31333
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
« Reply #3 on: November 22, 2016, 11:40:09 AM »
With routers the insecurity almost always comes through issues with the firmware.
First thing to do is checking if there is a newer version and if there is install it.

Offline Cards Fan in SoCal

  • Newbie
  • *
  • Posts: 5
Re: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
« Reply #4 on: November 23, 2016, 12:29:00 AM »
Firmware is already up to the latest version.

Offline tumic

  • Moderator
  • Advanced Poster
  • *
  • Posts: 724
Re: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
« Reply #5 on: November 23, 2016, 12:07:49 PM »
Does it still show up with the latest VPS? This false-positive should be AFAIK fixed.

Offline Cards Fan in SoCal

  • Newbie
  • *
  • Posts: 5
Re: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
« Reply #6 on: November 23, 2016, 06:59:29 PM »
The router Vulnerability is now gone.  Thanks.

Offline TED123

  • Newbie
  • *
  • Posts: 18
Re: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
« Reply #7 on: November 24, 2016, 08:46:43 PM »
Download the latest firmware from your  router manufacture, re flash it even if it is the same version. Then change your email password and change your Netflix password. Clear browser history and cookies after every password change. Do this all in one sitting. Is there another PC or computers on your network??? If so, first check those out for malware before you change everything.