The issue has been reported by Sourajeet Majumder (@TechCrucio) on Twitter. He on his Twitter handle has reported that threat actors have defaced 2 subdomains – Innovationhub and Sugarcane. It’s been more than 12 hours but the defaced pages are still on the portals and vulnerabilities is yet to fix
https://innovationhub.ncsm.gov.in/index.php/view-event/https://sugarcane.icar.gov.in/images/vuln.txt
Please fix them asap 🙂 @IndianCERT @NICMeity @sanjg2k1 pic.twitter.com/2RjUPG2QzT — Sourajeet Majumder (@TechCrucio) August 24, 2021 When visiting the Sugarcane website, it says a weird message- ‘Vuln! patch it Now!‘, and when visiting the Innovationhub website it shows a GIF with a message – (laZy hAcker kill me ;). Given below is the screenshot of what the website says when visited.
Sourajeet Majumder reported this issue at 2:31 on 25 August by tagging the Indian Computer Emergency Responsible Team, National Informatics Center, Sanjeev Gupta, National Council Of Science Museum, and Indian Council Of Agriculture Research. Even after hours of reporting, the vulnerability has not been patched and users will get the same error again when visiting the website.
Δ
