Symantec has observed active exploitationof a potential 0-day vulnerability in Xunlei Web Thunder. Thisvulnerability has been assigned BID 25192. This vulnerability is closely related to a previously discovered Xunlei vulnerability identified as BID 24552. Exploitation of this new vulnerability may result in arbitrary download of malicious files onto the compromised computer.
Symantec has observed an instance in which a copy of W32.Bratsters was downloaded. In addition to this malware detection, the IPS signature HTTP XunLei WebThunder ActiveX Download also detects the attempted exploitation.
