Vulnerabilities in the Realtek SDK led to problems in devices from 65 manufacturers

Several vulnerabilities have been identified in components of the Realtek SDK, which various wireless device manufacturers use in their firmware. They allow an unauthenticated remote attacker to execute arbitrary code on the device with elevated privileges. According to preliminary estimates, the problems affect about 200 device models from 65 different vendors, including various wireless router models from Asus, A-Link, Beeline, Belkin, Buffalo, D-Link, Edison, Huawei, LG, Logitec, MT-Link, Netgear, Realtek, Smartlink, UPVEL, ZTE and Zyxel.

The problem spans several classes of wireless devices built on RTL8xxx SoCs, from wireless routers and Wi-Fi range extenders to IP cameras and smart lighting controllers. Devices built on RTL8xxx chips use an architecture with two SoCs: the first runs the manufacturer's Linux-based firmware, and the second runs a separate, stripped-down Linux environment that implements the access-point functions. That second environment is assembled from the standard components Realtek ships in its SDK, and it is these components that, among other things, process data arriving in externally originated requests. In practice this means a vendor's own firmware can be fully patched while the network-facing code on the second SoC is still the SDK's.

The vulnerabilities affect products that use Realtek SDK v2.x, Realtek "Jungle" SDK v3.0-3.4 and Realtek "Luna" SDK before version 1.3.2. A fix has already been released in the Realtek "Luna" SDK 1.3.2a update, and patches for the Realtek "Jungle" SDK are being prepared for release. There are no plans to release any fixes for Realtek SDK 2.x, since support for that branch has already been discontinued, so devices built on it will remain vulnerable unless the vendor ships a fix of its own. Working exploit prototypes that allow running arbitrary code on the device are available for all of the vulnerabilities.

Identified vulnerabilities (the first two are rated at CVSS severity 8.1, the rest at 9.8):

  • CVE-2021-35392 - Buffer overflow in the mini_upnpd and wscd processes, which implement the "WiFi Simple Config" functionality (mini_upnpd handles SSDP packets, and wscd, in addition to SSDP support, handles UPnP requests carried over HTTP). An attacker can execute arbitrary code by sending a specially crafted UPnP "SUBSCRIBE" request with an overly large port number in the "Callback" field. The request as reproduced in the source (the value of the Callback header, which carries the oversized port number, was lost in extraction):

      SUBSCRIBE /upnp/event/WFAWLANConfig1 HTTP/1.1
      Host: 192.168.100.254:52881
      Callback:
      NT: up

  • CVE-2021-35393 - A vulnerability in the WiFi Simple Config handlers that is triggered through the SSDP protocol (UDP-based, with a request format similar to HTTP). The issue is caused by the use of a fixed 512-byte buffer when processing the "ST: upnp" parameter of the M-SEARCH messages that clients send to discover services on the network; a longer value overruns the buffer.
  • CVE-2021-35394 - A vulnerability in the MP Daemon process, which is responsible for diagnostic operations (ping, traceroute). The issue allows injection of arbitrary commands because arguments are not sufficiently checked before external utilities are invoked.
  • CVE-2021-35395 - A series of vulnerabilities in the web interfaces built on the http servers /bin/webs and /bin/boa. Both servers were found to pass unchecked arguments to external utilities launched through the system() function; the differences come down only to which APIs are used for the attack. Neither handler includes protection against CSRF attacks or the "DNS rebinding" technique, which allows requests to be sent from an external network even when access to the interface is restricted to the internal network. The handlers also default to a predefined built-in account whose login and password are identical. In addition, several stack overflows were found in the handlers, triggered when overly long arguments are sent. Example request from the source (the command-injection payload in peerPin is partially garbled there):

      POST /goform/formWsc HTTP/1.1
      Host: 192.168.100.254
      Content-Length: 129
      Content-Type: application/x-www-form-urlencoded

      submit-url=%2Fwlwps.asp&resetUnCfg=0&peerPin=12345678/config> ;&setPIN=Start+PIN&configVxd=off&resetRptUnCfg=1&peerRptPin=

  • In addition, several vulnerabilities were found in the UDPServer process. As it turned out, one of them had already been discovered by other researchers back in 2015, but was never fully fixed. The issue is caused by the lack of proper validation of arguments passed to the system() function and can be exploited by sending a string such as 'orf;ls' to network port 9034. A buffer overflow caused by unsafe use of sprintf was also found in UDPServer, and it too can be used to carry out an attack.
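The following is an added example, not code from the Realtek SDK, from opennet.ru or from the researchers' proof-of-concept. It shows the two input-handling mistakes behind the items above (CVE-2021-35393's fixed 512-byte "ST:" buffer, and the unchecked system() arguments in the MP Daemon, UDPServer and web handlers), each as the unsafe idiom next to a bounded or validated replacement. The function names, the ST_BUF constant, the hostname character set and the constructed M-SEARCH message are assumptions made for the example; the SDK's real functions are not reproduced.

```c
/* Added example, not Realtek SDK code: unsafe idiom beside hardened form.
 * Names, ST_BUF and the sample M-SEARCH message are assumptions. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <sys/wait.h>
#include <unistd.h>

#define ST_BUF 512   /* fixed-size "ST:" buffer, as in the SSDP handler */

/* 1. SSDP "ST:" header (CVE-2021-35393 pattern).
 * Unsafe idiom: unbounded copy into a 512-byte buffer; a value of 512 bytes
 * or more overruns it. Contrast only, never call it with untrusted input. */
void st_copy_unsafe(const char *value, char dst[ST_BUF]) {
    strcpy(dst, value);                         /* no length check */
}

/* Hardened: find the ST: line in an M-SEARCH, trim it, copy at most ST_BUF-1
 * bytes and reject the packet otherwise. 0 = ok, -1 = missing or too long. */
int ssdp_extract_st(const char *msg, size_t msglen, char dst[ST_BUF]) {
    const char *p = msg, *end = msg + msglen;
    while (p < end) {
        const char *eol = memchr(p, '\n', (size_t)(end - p));
        size_t linelen = eol ? (size_t)(eol - p) : (size_t)(end - p);
        if (linelen >= 3 && strncasecmp(p, "ST:", 3) == 0) {
            const char *v = p + 3;
            size_t vlen = linelen - 3;
            while (vlen && (*v == ' ' || *v == '\t')) { v++; vlen--; }
            while (vlen && (v[vlen - 1] == '\r' || v[vlen - 1] == ' ')) vlen--;
            if (vlen >= ST_BUF) return -1;      /* would overflow dst */
            memcpy(dst, v, vlen);
            dst[vlen] = '\0';
            return 0;
        }
        if (!eol) break;
        p = eol + 1;
    }
    return -1;
}

/* Builds a constructed M-SEARCH whose ST: value is st_len 'A' bytes and runs
 * it through the parser; returns the parser's verdict (0 ok, -1 rejected). */
int probe_st_length(size_t st_len) {
    static const char head[] = "M-SEARCH * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nST: ";
    char msg[2048], st[ST_BUF];
    size_t n = sizeof head - 1;
    if (n + st_len + 4 > sizeof msg) return -1;
    memcpy(msg, head, n);
    memset(msg + n, 'A', st_len);
    memcpy(msg + n + st_len, "\r\n\r\n", 4);
    return ssdp_extract_st(msg, n + st_len + 4, st);
}

/* 2. Diagnostic command argument (MP Daemon / UDPServer pattern).
 * Unsafe idiom: client-supplied host spliced into a shell command line;
 * "orf;ls" terminates the ping command and runs ls. Contrast only. */
void ping_unsafe(const char *host) {
    char cmd[256];
    snprintf(cmd, sizeof cmd, "ping -c 1 %s", host);
    system(cmd);                                /* shell interprets ';' '|' '`' */
}

/* Hardened: allow only hostname/IPv4 characters, cap the length and refuse a
 * leading '-' so the value cannot become an option. 1 = safe, 0 = reject. */
int host_is_safe(const char *host) {
    size_t n = strlen(host);
    if (n == 0 || n > 253 || host[0] == '-') return 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)host[i];
        if (!isalnum(c) && c != '.' && c != '-') return 0;
    }
    return 1;
}

/* The validated host reaches ping as a single argv element through execvp(),
 * so no shell ever parses it. Returns ping's exit status, or -1 if the host
 * was rejected or the child could not be started. */
int ping_safe(const char *host) {
    if (!host_is_safe(host)) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char *argv[] = { "ping", "-c", "1", (char *)host, NULL };
        execvp(argv[0], argv);
        _exit(127);
    }
    int status = 0;
    waitpid(pid, &status, 0);
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    printf("ST 511 bytes -> %d, 512 bytes -> %d\n", probe_st_length(511), probe_st_length(512));
    printf("\"orf;ls\" accepted -> %d\n", host_is_safe("orf;ls"));
    return 0;
}
```

Two points worth noting. The parser rejects an oversized value instead of truncating it, because a truncated search target silently changes what the client asked for. And the character allow-list in host_is_safe is still needed even though ping_safe never invokes a shell: execvp() removes the ';' problem, but a value such as "-c" would otherwise be parsed by ping as an option.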

Source: opennet.ru
