I-ProHoster > Π‘Π»ΠΎΠ³ > izindaba ze-inthanethi > Ukuba sengozini okuvumela ukulawula ukushintsha kwe-Cisco, Zyxel kanye ne-NETGEAR kuma-chips e-RTL83xx ukuthi athathwe

Ukuba sengozini okuvumela ukulawula ukushintsha kwe-Cisco, Zyxel kanye ne-NETGEAR kuma-chips e-RTL83xx ukuthi athathwe

Kumaswishi asekelwe kuma-chips e-RTL83xx, okuhlanganisa i-Cisco Small Business 220, Zyxel GS1900-24, NETGEAR GS75x, ALLNET ALL-SG8208M kanye namadivayisi angaphezu kweshumi nambili avela kubakhiqizi abangaziwayo, ikhonjiwe ubungozi obubalulekile obuvumela umhlaseli ongagunyaziwe ukuthi athole ukulawula iswishi. Izinkinga zidalwa amaphutha ku-Realtek Managed Switch Controller SDK, ikhodi okwasetshenziswa kuyo ukulungisa i-firmware.

Ukuba sengozini kokuqala (CVE-2019-1913) ithinta isixhumi esibonakalayo sokulawula iwebhu futhi yenza kube nokwenzeka ukusebenzisa ikhodi yakho ngamalungelo omsebenzisi wezimpande. Ukuba sengozini kungenxa yokuqinisekiswa okunganele kwamapharamitha anikezwe umsebenzisi kanye nokwehluleka ukuhlola kahle imingcele yebhafa lapho kufundwa idatha yokufaka. Njengomphumela, umhlaseli angabangela isigcinalwazi sichichime ngokuthumela isicelo esiklanywe ngokukhethekile futhi asebenzise inkinga ukuze asebenzise ikhodi yakhe.

Ukuba sengozini kwesibili (CVE-2019-1912) ivumela amafayela angenasizathu ukuthi alayishwe kuswishi ngaphandle kokuqinisekisa, okuhlanganisa nokubhala ngaphezulu amafayela okumisa kanye nokwethulwa kwegobolondo elihlehlayo ukuze ungene ngemvume ukude. Inkinga ibangelwa ukuhlola okungaphelele kwezimvume kusixhumi esibonakalayo sewebhu.

Ungakwazi futhi ukuqaphela ukuqedwa kwengozi encane ubuthakathaka (I-CVE-2019-1914), evumela imiyalo engafanele ukuthi isetshenziswe ngamalungelo ezimpande uma kukhona ukungena okugunyazwe okungenaphutha kusixhumi esibonakalayo sewebhu. Izinkinga zixazululwa kuzibuyekezo ze-firmware ze-Cisco Small Business 220 (1.1.4.4), Zyxel, kanye ne-NETGEAR. Incazelo eningiliziwe yezindlela zokusebenza kuhlelwa shicilela Agasti 20.

Izinkinga ziphinde zivele kwamanye amadivaysi asekelwe ku-RTL83xx chips, kodwa azikakaqinisekiswa abakhiqizi futhi azikakalungiswa:

  • I-EnGenius EGS2110P, EWS1200-28TFP, EWS1200-28TFP;
  • PLANET GS-4210-8P2S, GS-4210-24T2;
  • I-DrayTek VigorSwitch P1100;
  • I-CERIO CS-2424G-24P;
  • I-Xhome DownLoop-G24M;
  • Abaniact (INABA) AML2-PS16-17GP L2;
  • I-Araknis Networks (SnapAV) AN-310-SW-16-POE;
  • I-EDIMAX GS-5424PLC, GS-5424PLC;
  • Vula i-Mesh OMS24;
  • I-Pakedgedevice SX-8P;
  • I-TG-NET P3026M-24POE.

Source: opennet.ru

Engeza amazwana