Vulnerabilities allow takeover of Cisco, Zyxel and NETGEAR switches based on RTL83xx chips

In switches based on RTL83xx chips, including the Cisco Small Business 220, Zyxel GS1900-24, NETGEAR GS75x, ALLNET ALL-SG8208M and more than a dozen devices from lesser-known manufacturers, critical vulnerabilities have been identified that allow an unauthenticated attacker to gain control of the switch. The problems are caused by errors in the Realtek Managed Switch Controller SDK, code from which was used to prepare the firmware.

The first vulnerability (CVE-2019-1913) affects the web management interface and makes it possible to execute code with root privileges. It is caused by insufficient validation of user-supplied parameters and a failure to properly check buffer bounds when reading input data. As a result, an attacker can trigger a buffer overflow by sending a specially crafted request and exploit the problem to execute their own code.

The second vulnerability (CVE-2019-1912) allows arbitrary files to be uploaded to the switch without authentication, including overwriting configuration files and launching a reverse shell for remote login. The problem is caused by insufficient permission checks in the web interface.

Also worth noting is the fix for a less dangerous vulnerability (CVE-2019-1914), which allows arbitrary commands to be executed with root privileges given an unprivileged authenticated login to the web interface. The issues are fixed in the Cisco Small Business 220 (1.1.4.4), Zyxel, and NETGEAR firmware updates. A detailed description of the exploitation techniques is scheduled for publication on August 20.

The problems also appear in other devices based on RTL83xx chips, but they have not yet been confirmed by the manufacturers and have not been fixed:

  • EnGenius EGS2110P, EWS1200-28TFP, EWS1200-28TFP;
  • PLANET GS-4210-8P2S, GS-4210-24T2;
  • DrayTek VigorSwitch P1100;
  • CERIO CS-2424G-24P;
  • Xhome DownLoop-G24M;
  • Abaniact (INABA) AML2-PS16-17GP L2;
  • Araknis Networks (SnapAV) AN-310-SW-16-POE;
  • EDIMAX GS-5424PLC, GS-5424PLC;
  • Open Mesh OMS24;
  • Pakedgedevice SX-8P;
  • TG-NET P3026M-24POE.

Source: opennet.ru
