Vulnerabilities in the Realtek SDK caused problems in devices from 65 manufacturers

Four vulnerabilities have been identified in components of the Realtek SDK, which various wireless device manufacturers use in their firmware. They could allow an unauthenticated attacker to remotely execute code on the device with elevated privileges. According to preliminary estimates, the problems affect at least 200 device models from 65 different vendors, including various models of wireless routers from Asus, A-Link, Beeline, Belkin, Buffalo, D-Link, Edison, Huawei, LG, Logitec, MT-Link, Netgear, Realtek, Smartlink, UPVEL, ZTE and Zyxel.

The problem covers various classes of wireless devices based on the RTL8xxx SoC, from wireless routers and Wi-Fi amplifiers to IP cameras and smart lighting control devices. Devices based on RTL8xxx chips use an architecture that involves two SoCs: the first runs the manufacturer's Linux-based firmware, and the second runs a separate, stripped-down Linux environment that implements the access point functions. The contents of the second environment are based on standard components that Realtek provides in the SDK. These components also process data received as a result of external requests being sent.

The vulnerabilities affect products that use Realtek SDK v2.x, Realtek "Jungle" SDK v3.0-3.4 and Realtek "Luna" SDK before version 1.3.2. A fix has already been released in the Realtek "Luna" SDK 1.3.2a update, and patches for the Realtek "Jungle" SDK are also being prepared for publication. There are no plans to release any fixes for Realtek SDK 2.x, since support for this branch has already been discontinued. For all of the vulnerabilities, working exploit prototypes are provided that allow code to be executed on the device.

Identified vulnerabilities (the first two are assigned a severity level of 8.1, and the rest 9.8):

  • CVE-2021-35392 - A buffer overflow in the mini_upnpd and wscd processes that implement the "WiFi Simple Config" functionality (mini_upnpd handles SSDP packets, and wscd, in addition to supporting SSDP, handles UPnP requests based on the HTTP protocol). An attacker can achieve execution of their code by sending specially crafted UPnP "SUBSCRIBE" requests with an overly large port number in the "Callback" field.
      SUBSCRIBE /upnp/event/WFAWLANConfig1 HTTP/1.1
      Host: 192.168.100.254:52881
      Callback:
      NT:upnp:event
  • CVE-2021-35393 is a vulnerability in the WiFi Simple Config handlers that occurs when the SSDP protocol is used (it uses UDP and a request format similar to HTTP). The issue is caused by the use of a fixed 512-byte buffer when processing the "ST:upnp" parameter in M-SEARCH messages that clients send to determine the presence of services on the network.
  • CVE-2021-35394 is a vulnerability in the MP Daemon process, which is responsible for performing diagnostic operations (ping, traceroute). The problem allows substitution of one's own commands because arguments are not checked when external utilities are executed.
  • CVE-2021-35395 is a series of vulnerabilities in the web interfaces based on the http servers /bin/webs and /bin/boa. Typical vulnerabilities caused by the lack of argument checking before external utilities are launched with the system() function were identified in both servers. The differences come down only to the use of different APIs for the attack. Neither handler includes protection against CSRF attacks or the "DNS rebinding" technique, which allows requests to be sent from the external network even when access to the interface is restricted to the internal network only. The processes also defaulted to the predefined supervisor/supervisor account. In addition, several stack overflows were identified in the handlers, which occur when overly large arguments are sent.
      POST /goform/formWsc HTTP/1.1
      Host: 192.168.100.254
      Content-Length: 129
      Content-Type: application/x-www-form-urlencoded

      submit-url=%2Fwlwps.asp&resetUnCfg=0&peer12345678=1; ;&setPIN=Start+PIN&configVxd=off&resetRptUnCfg=0&peerRptPin=
  • In addition, several more vulnerabilities were identified in the UDPServer process. As it turned out, one of the problems had already been discovered by other researchers in 2015, but it was not completely fixed. The problem is caused by the lack of proper validation of the arguments passed to the system() function and can be exploited by sending a string such as 'orf;ls' to network port 9034. In addition, a buffer overflow was identified in UDPServer due to insecure use of the sprintf function, which can also potentially be used to carry out attacks.
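The fixed 512-byte buffer described for CVE-2021-35393 is only safe if the ST value is measured before it is copied. The following is an added example, not Realtek SDK code: the function name `ssdp_copy_st` and its return codes are hypothetical, and the M-SEARCH datagram in `main` is constructed.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define ST_BUF_SIZE 512   /* fixed buffer size named in the article */

/* Hypothetical helper: copy the ST header value of an SSDP M-SEARCH
 * datagram into out[out_sz]. Returns 0 on success, -1 if no ST header
 * is present, -2 if the value does not fit (drop the datagram). */
int ssdp_copy_st(const char *msg, size_t len, char *out, size_t out_sz)
{
    const char *p = msg, *end = msg + len;

    while (p < end) {
        const char *eol = memchr(p, '\n', (size_t)(end - p));
        const char *line_end = eol ? eol : end;

        if ((size_t)(line_end - p) >= 3 && p[2] == ':' &&
            tolower((unsigned char)p[0]) == 's' &&
            tolower((unsigned char)p[1]) == 't') {
            const char *v = p + 3, *ve = line_end;
            while (v < ve && (*v == ' ' || *v == '\t'))
                v++;                       /* skip leading whitespace */
            while (ve > v && (ve[-1] == '\r' || ve[-1] == ' '))
                ve--;                      /* strip CR and trailing spaces */
            size_t vlen = (size_t)(ve - v);
            /* The unsafe pattern is an unbounded strcpy/sprintf of this
             * value into a char[512]; check the length first instead. */
            if (vlen >= out_sz)
                return -2;
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return 0;
        }
        p = eol ? eol + 1 : end;
    }
    return -1;
}

int main(void)
{
    /* Constructed M-SEARCH datagram, not captured traffic. */
    const char req[] = "M-SEARCH * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\n"
                       "MAN: \"ssdp:discover\"\r\nMX: 3\r\nST: upnp:rootdevice\r\n\r\n";
    char st[ST_BUF_SIZE];
    return ssdp_copy_st(req, sizeof req - 1, st, sizeof st) == 0 ? 0 : 1;
}
```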
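The MP Daemon, web interface and UDPServer issues above share one root cause: request data reaches system() unchecked. As an added example (not code from the SDK or from the researchers), this sketch shows the two mitigations for a ping-style diagnostic: an allowlist on the argument, and launching the tool with an argv array so no shell parses the input. The names `is_safe_host_arg` and `run_ping` are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <ctype.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Accept only characters a hostname or IP literal can contain. Shell
 * metacharacters (; | & $ ` quotes, spaces, newlines) are rejected, as
 * is a leading '-' that the tool would read as an option. */
int is_safe_host_arg(const char *s)
{
    size_t n = strlen(s);
    if (n == 0 || n > 253 || s[0] == '-')
        return 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)s[i];
        if (!isalnum(c) && c != '.' && c != '-' && c != ':')
            return 0;
    }
    return 1;
}

/* Hypothetical diagnostic runner: validate, then pass the input as one
 * argv element. Returns the tool's exit status, or -1 if rejected. */
int run_ping(const char *host)
{
    if (!is_safe_host_arg(host))
        return -1;

    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        char *const argv[] = { "ping", "-c", "1", (char *)host, NULL };
        execvp(argv[0], argv);
        _exit(127);                 /* exec failed */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed inputs: a valid address and the string from the article. */
    return (is_safe_host_arg("192.168.100.254") && !is_safe_host_arg("orf;ls")) ? 0 : 1;
}
```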

Source: opennet.ru
