External access attempt blocked

Hello people,

Yesterday, around this time, my Bitdefender Total Security 2020 firewall gave me countless notifications of external access attempt blocked. The feature is online threat prevention, with a description of "An attempt to access your files from an external source was made by 192.XXX.XXX.1. We blocked the connection to prevent remote code execution on your device." The funny thing is that IP is coming from my router itself. Several other attempts were blocked from 192.XXX.XXX.3, etc, so basically a few devices from my own network. When going to bitdefender central, I see the following as an example.

Description

There was an attempt to inject a command towards the device through a dangerous URL. We blocked the connection to prevent malicious commands from being executed.

Threat name

haut_blocking/exploit.commandinjection.*

Attack source

192.XXX.XXX.5.

I can't find much information from bitdefender on this. I have also an amazon fire stick, and that was the ip of the device in question. After several router reboots, it jumped to different ip, but technically the same device. I disconnected the amazon fire stick from the network, I changed router login credentials, and also wifi password, and it stopped since then. I am just baffled as to who and what is doing this. I also installed the avast browser around the same time, and tinkered a bit with avast antivirus, so maybe that's the culprit? Any ideas please, thank you in advance.

Have a great day.

Answers

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    Hi Member,

    1) Kindly check if the IP is under block list on the stated website database : https://www.abuseipdb.com/

    2) Why Avast, when you already were using Bitdefender. It will lead to high consumption of system resources, system freeze etc.

    3) Yes, it was web injection attack that was blocked by bitdefender.

    Regards

    Flex

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    Hi Member

    Kindly drop an email to bitdefender support at bitsy@bitdefender.com regarding your query.

    Regards

    Flex

    (Bitdefender beta tester 2019/ 2020)

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • I have asked before, how do we know who, what, or where something trying to access files but Bitdefender blocks? Then dialog box pops up with "5 min," "allow for now (paraphrased)," "allow" etc. but no where how to know what was blocked. I was able to find bin/rm but haven't a clue as to what that means. Is there anyway I can find out what Bitdefender tries to block so I might be able to make a reasonable request to block or allow?