ProHoster > Blog > talafou initaneti > Fa'aletonu e fa'atagaina ai le pulea o Cisco, Zyxel ma NETGEAR sui i RTL83xx kiliva e ave i luga.

Fa'aletonu e fa'atagaina ai le pulea o Cisco, Zyxel ma NETGEAR sui i RTL83xx kiliva e ave i luga.

I suiga faʻavae ile RTL83xx chips, e aofia ai Cisco Small Business 220, Zyxel GS1900-24, NETGEAR GS75x, ALLNET ALL-SG8208M ma sili atu ma le sefulu masini mai le au gaosi oloa e le lauiloa, faaalia faʻalavelave faʻalavelave e mafai ai e se tagata osofaʻi e leʻi faʻamaonia ona maua le pule o le ki. O faʻafitauli e mafua mai i mea sese i le Realtek Managed Switch Controller SDK, o le code na faʻaaogaina e saunia ai le firmware.

Muamua vaivai (CVE-2019-1913) e aʻafia ai le faʻaogaina o le upega tafaʻilagi ma mafai ai ona faʻatino lau faʻailoga faʻatasi ai ma avanoa faʻaoga aʻa. O le fa'aletonu e mafua ona o le le lava o le fa'amaoniaina o tapula'a na tu'uina atu e le tagata fa'aoga ma le le mafai ona iloilo lelei tuaoi pa'u pe a faitau fa'amatalaga fa'aoga. O le iʻuga, e mafai e se tagata osofaʻi ona faʻatupuina se paʻu e ala i le tuʻuina atu o se talosaga faʻapitoa ma faʻaogaina le faʻafitauli e faʻatino ai a latou code.

Fa'aletonu lona lua (CVE-2019-1912) fa'ataga faila e tu'u i luga o le ki e aunoa ma le fa'amaoni, e aofia ai le fa'asolo i lalo o faila fa'atulagaina ma le fa'ailoaina o se atigi fa'afeagai mo le saini mamao. O le faʻafitauli e mafua mai i le le atoatoa o le siakiina o faʻatagaga i totonu o le upega tafaʻilagi.

E mafai foi ona e maitauina le faʻaumatiaina o le faʻaitiitia o le lamatiaga fa'aletonu (CVE-2019-1914), lea e mafai ai ona faʻatinoina faʻatonuga faʻatasi ma faʻamanuiaga aʻa pe afai o loʻo i ai se saini faʻamaonia e le faʻamaonia i luga o le upega tafaʻilagi. O faʻafitauli e foia i Cisco Small Business 220 (1.1.4.4), Zyxel, ma NETGEAR firmware faʻafouina. O loʻo faʻatulagaina se faʻamatalaga auiliili o auala faʻaogaina fa'asalalau 20 Aokuso.

O faʻafitauli e aliali mai foʻi i isi masini e faʻavae ile RTL83xx chips, ae e leʻi faʻamaonia e le au gaosi oloa ma e leʻi faʻamautuina:

  • EnGenius EGS2110P, EWS1200-28TFP, EWS1200-28TFP;
  • PLANET GS-4210-8P2S, GS-4210-24T2;
  • DrayTek VigorSwitch P1100;
  • CERIO CS-2424G-24P;
  • Xhome DownLoop-G24M;
  • Abaniact (INABA) AML2-PS16-17GP L2;
  • Araknis Networks (SnapAV) AN-310-SW-16-POE;
  • EDIMAX GS-5424PLC, GS-5424PLC;
  • Tatala Mesh OMS24;
  • Pakedgedevice SX-8P;
  • TG-NET P3026M-24POE.

puna: opennet.ru

Faaopoopo i ai se faamatalaga