The critical command injection vulnerability was discovered and patched in May 2021. A PoC was released and within a week, attackers exploited the vulnerability to deploy variants of Mirai.