Muaj plaub qhov tsis zoo uas tau pom nyob rau hauv Cisco Small Business series switches uas tso cai rau tus neeg tawm tsam nyob deb kom tau txais kev nkag mus rau hauv paus tag nrho rau lub cuab yeej yam tsis tas yuav tsum tau lees paub. Yuav kom siv tau cov qhov tsis zoo no, tus neeg tawm tsam yuav tsum muaj peev xwm xa cov lus thov mus rau qhov chaw nres nkoj network uas txhawb nqa lub web interface. Cov qhov tsis zoo no tau raug ntsuas qhov tseem ceeb (9.8 ntawm 10). Ib qho prototype ua haujlwm tau tshaj tawm.
Cov qhov tsis muaj zog uas tau txheeb xyuas (CVE-2023-20159, CVE-2023-20160, CVE-2023-20161, CVE-2023-20189) yog tshwm sim los ntawm qhov yuam kev ntawm lub cim xeeb hauv ntau yam handlers uas muaj thaum lub sijhawm ua ntej kev lees paub. Cov qhov tsis muaj zog ua rau muaj buffer overflows thaum ua cov ntaub ntawv sab nraud tshwj xeeb. Tsis tas li ntawd, plaub qhov tsis muaj zog tsawg dua (CVE-2023-20024, CVE-2023-20156, CVE-2023-20157, CVE-2023-20158) tau txheeb xyuas hauv Cisco Small Business series, uas tso cai rau tus neeg tawm tsam nyob deb pib tsis lees paub kev pabcuam, thiab ib qho tsis muaj zog (CVE-2023-20162) uas tso cai rau kev teeb tsa khoom siv yam tsis tau kev lees paub.
Cov qhov tsis muaj zog no cuam tshuam rau Smart Switch 250, 350, 350X, 550X, Business 250, thiab Business 350 series, nrog rau Small Business 200, 300, thiab 500 series. Cov 220 thiab Business 220 series switches tsis muaj zog. Cov teeb meem tau raug daws teeb meem hauv firmware hloov tshiab 2.5.9.16 thiab 3.3.0.16. Firmware hloov tshiab yuav tsis raug tso tawm rau Small Business 200, 300, thiab 500 series, vim tias cov qauv no tau mus txog qhov kawg ntawm lub neej.
Tau qhov twg los: opennet.ru
