Satori botnet, Mirai malware
The vulnerability has been used in Satori attacks against Huawei's router model HG532. The most targeted countries include the United States, Italy, Germany, and Egypt.
Hardcoded credentials were detected in firmware shared by D-Link DNS-320 L and WD My Cloud. The issue was brought up by researchers from GulfTech in the beginning of January 2018, while the vendor has patched the vulnerability in November 2017.
Given the age of code that contained the backdoor we tend to believe that this issue has being exploited in the wild. Therefore we track this vulnerability as a zero-day.
Vulnerability scanning SaaS service is online 3-rd generation vulnerability scanner with scheduled assessments and vulnerability subscription. You can use service to check security of your network perimeter.