ProHoster > Π‘Π»ΠΎΠ³ > xov xwm hauv internet > Vulnerabilities hauv Realtek SDK ua rau muaj teeb meem hauv cov khoom siv los ntawm 65 cov tuam txhab

Vulnerabilities hauv Realtek SDK ua rau muaj teeb meem hauv cov khoom siv los ntawm 65 cov tuam txhab

Plaub qhov tsis zoo tau raug txheeb xyuas nyob rau hauv cov khoom ntawm Realtek SDK, uas yog siv los ntawm ntau lub tuam txhab khoom siv wireless hauv lawv cov firmware, uas tuaj yeem tso cai rau tus neeg tawm tsam tsis muaj pov thawj los ua cov cai tswj hwm ntawm lub cuab yeej nrog cov cai siab. Raws li kev kwv yees ua ntej, cov teeb meem cuam tshuam tsawg kawg 200 cov qauv ntawm cov khoom siv sib txawv los ntawm 65 tus neeg muab khoom sib txawv, suav nrog ntau yam qauv ntawm wireless routers Asus, A-Link, Beeline, Belkin, Buffalo, D-Link, Edison, Huawei, LG, Logitec, MT- Txuas, Netgear, Realtek, Smartlink, UPVEL, ZTE thiab Zyxel.

Qhov teeb meem suav nrog ntau chav kawm ntawm cov khoom siv wireless raws li RTL8xxx SoC, los ntawm wireless routers thiab Wi-Fi amplifiers mus rau IP koob yees duab thiab cov khoom siv teeb pom kev zoo. Cov khoom siv raws li RTL8xxx chips siv cov qauv tsim uas cuam tshuam nrog kev teeb tsa ntawm ob lub SoCs - thawj qhov teeb tsa lub chaw tsim khoom siv Linux-based firmware, thiab qhov thib ob khiav ib qho chaw cais tawm ntawm Linux ib puag ncig nrog kev ua haujlwm ntawm qhov chaw nkag. Kev sau ntawm qhov chaw thib ob yog ua raws li cov qauv txheej txheem muab los ntawm Realtek hauv SDK. Cov khoom no tseem ua cov ntaub ntawv tau txais los ntawm kev xa cov lus thov sab nraud.

Qhov tsis zoo cuam tshuam rau cov khoom siv Realtek SDK v2.x, Realtek "Hungle" SDK v3.0-3.4 thiab Realtek "Luna" SDK ua ntej version 1.3.2. Qhov kev txhim kho twb tau tso tawm hauv Realtek "Luna" SDK 1.3.2a hloov tshiab, thiab thaj ua rau thaj rau Realtek "Jungle" SDK tseem tab tom npaj rau kev tshaj tawm. Tsis muaj kev npaj yuav tso tawm ib qho kev kho rau Realtek SDK 2.x, txij li kev txhawb nqa rau ceg ntoo no twb raug txiav lawm. Rau txhua qhov tsis zoo, kev ua haujlwm siv cov qauv tsim tau muab tso cai rau koj ua tiav koj cov cai ntawm lub cuab yeej.

Kev txheeb xyuas qhov tsis zoo (thawj ob yog muab qhov hnyav ntawm 8.1, thiab tus so - 9.8):

  • CVE-2021-35392 - Buffer overflow hauv mini_upnpd thiab wscd cov txheej txheem uas siv "WiFi Simple Config" kev ua haujlwm (mini_upnpd txheej txheem SSDP pob ntawv, thiab wscd, ntxiv rau kev txhawb nqa SSDP, txheej txheem UPnP thov raws li HTTP raws tu qauv). Tus neeg tawm tsam tuaj yeem ua tiav lawv cov cai los ntawm kev xa cov khoom tshwj xeeb UPnP "SUBSCRIBE" thov nrog tus lej chaw nres nkoj loj dhau ntawm "Callback" teb. SUBSCRIBE /upnp/event/WFAWLANConfig1 HTTP/1.1 Host: 192.168.100.254:52881 Callback: NT:upnp:event
  • CVE-2021-35393 yog qhov muaj qhov tsis zoo hauv WiFi Simple Config handlers uas tshwm sim thaum siv SSDP raws tu qauv (siv UDP thiab daim ntawv thov zoo ib yam li HTTP). Qhov teeb meem yog tshwm sim los ntawm kev siv qhov tsis ruaj khov ntawm 512 bytes thaum ua cov "ST: upnp" parameter hauv M-SEARCH cov lus xa los ntawm cov neeg siv khoom los txiav txim siab muaj cov kev pabcuam hauv lub network.
  • CVE-2021-35394 yog qhov tsis zoo hauv MP Daemon txheej txheem, uas yog lub luag haujlwm rau kev ua haujlwm kuaj mob (ping, traceroute). Qhov teeb meem tso cai hloov pauv ntawm tus kheej cov lus txib vim tsis muaj kev kuaj xyuas cov lus sib cav thaum ua cov khoom siv sab nraud.
  • CVE-2021-35395 yog ib qho ntawm qhov tsis zoo hauv web interfaces raws li http servers /bin/webs thiab /bin/boa. Tej yam tsis zoo uas tshwm sim los ntawm qhov tsis muaj kev tshuaj xyuas cov lus sib cav ua ntej tso tawm cov khoom siv sab nraud uas siv qhov system() muaj nuj nqi tau txheeb xyuas hauv ob lub servers. Qhov sib txawv tsuas yog los ntawm kev siv APIs sib txawv rau kev tawm tsam. Ob tus neeg tuav haujlwm tsis suav nrog kev tiv thaiv CSRF tawm tsam thiab "DNS rebinding" txheej txheem, uas tso cai rau xa cov lus thov los ntawm lwm lub network thaum txwv kev nkag mus rau lub interface nkaus xwb rau lub network sab hauv. Cov txheej txheem kuj tau ua txhaum cai rau tus thawj saib xyuas / tus saib xyuas tus account ua ntej. Tsis tas li ntawd, ob peb pawg overflows tau raug txheeb xyuas nyob rau hauv cov handlers, uas tshwm sim thaum sib cav uas loj dhau raug xa mus. POST /goform/formWsc HTTP/1.1 Hwm: 192.168.100.254 Cov ntsiab lus-Length: 129 Cov Ntsiab Lus Hom: application/x-www-form-urlencoded xa-url=%2Fwlwps.asp&resetUnCfg=0&peerPin=12345678; ;&setPIN=Start+PIN&configVxd=off&resetRptUnCfg=1&peerRptPin=
  • Tsis tas li ntawd, ntau qhov tsis zoo ntxiv tau raug txheeb xyuas hauv UDPServer txheej txheem. Raws li nws tau muab tawm, ib qho ntawm cov teeb meem twb tau tshawb pom los ntawm lwm cov kws tshawb fawb rov qab rau xyoo 2015, tab sis tsis tau kho tag nrho. Qhov teeb meem tshwm sim los ntawm qhov tsis muaj kev lees paub zoo ntawm cov lus sib cav dhau mus rau qhov system() muaj nuj nqi thiab tuaj yeem siv tau los ntawm kev xa cov hlua xws li 'orf; ls' mus rau qhov chaw nres nkoj network 9034. Tsis tas li ntawd, qhov tsis txaus siab tau raug txheeb xyuas hauv UDPServer vim kev siv tsis ruaj ntseg ntawm sprintf muaj nuj nqi, uas tuaj yeem siv los ua kev tawm tsam.

Tau qhov twg los: opennet.ru

Ntxiv ib saib