Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > Zowopsa zomwe zimalola kulanda ma switch a Cisco, Zyxel ndi NETGEAR kutengera RTL83xx tchipisi

Zowopsa zomwe zimalola kulanda ma switch a Cisco, Zyxel ndi NETGEAR kutengera RTL83xx tchipisi

Mu masinthidwe otengera RTL83xx tchipisi, kuphatikiza Cisco Small Business 220, Zyxel GS1900-24, NETGEAR GS75x, ALLNET ALL-SG8208M ndi zida zopitilira khumi ndi ziwiri zochokera kwa opanga osadziwika bwino, kudziwika zofooka zazikulu zomwe zimalola wowukira wosavomerezeka kuti athe kuwongolera kusintha. Mavutowa amayamba chifukwa cha zolakwika mu Realtek Managed Switch Controller SDK, code yomwe idagwiritsidwa ntchito pokonzekera firmware.

Kusatetezeka koyamba (CVE-2019-1913) imakhudza mawonekedwe owongolera intaneti ndikupangitsa kuti zitheke kugwiritsa ntchito nambala yanu ndi mwayi wogwiritsa ntchito mizu. Kusatetezekako ndi chifukwa chosakwanira kutsimikizira kwa magawo operekedwa ndi ogwiritsa ntchito komanso kulephera kuwunika bwino malire a buffer powerenga zolowetsa. Zotsatira zake, wowukira atha kupangitsa kuti buffer kusefukira potumiza pempho lopangidwa mwapadera ndikugwiritsa ntchito vutolo kuti apereke nambala yawo.

Kusatetezeka kwachiwiri (CVE-2019-1912) imalola mafayilo osasunthika kuti akwezedwe pa switch popanda kutsimikizika, kuphatikiza kubweza mafayilo osinthira ndikuyambitsa chipolopolo chakumbuyo kuti mulowemo kutali. Vutoli limayamba chifukwa cha kusakwanira kwa zilolezo pa intaneti.

Mutha kuzindikiranso kuchotsedwa kwa zowopsa zochepa zofooka (CVE-2019-1914), yomwe imalola kuti malamulo osasunthika achitidwe ndi mwayi wokhala ndi mizu ngati pali malowedwe ovomerezeka ovomerezeka pa intaneti. Nkhani zimathetsedwa mu Cisco Small Business 220 (1.1.4.4), Zyxel, ndi zosintha za firmware za NETGEAR. Kufotokozera mwatsatanetsatane njira zogwirira ntchito kumakonzedwa kufalitsa Ogasiti 20.

Mavuto amawonekeranso pazida zina kutengera RTL83xx tchipisi, koma sanatsimikizidwebe ndi opanga ndipo sanakhazikitsidwe:

  • EnGenius EGS2110P, EWS1200-28TFP, EWS1200-28TFP;
  • PLANET GS-4210-8P2S, GS-4210-24T2;
  • DrayTek VigorSwitch P1100;
  • CERIO CS-2424G-24P;
  • Xhome DownLoop-G24M;
  • Abaniact (INABA) AML2-PS16-17GP L2;
  • Araknis Networks (SnapAV) AN-310-SW-16-POE;
  • EDIMAX GS-5424PLC, GS-5424PLC;
  • Tsegulani mauna OMS24;
  • Pakedgedevice SX-8P;
  • Chithunzi cha TG-NET P3026M-24POE.

Source: opennet.ru

Kuwonjezera ndemanga