Vulnerabilities in NETGEAR devices allow unauthenticated access

Three vulnerabilities have been found in the firmware of NETGEAR DGN-2200v1 series devices, which combine the functions of an ADSL modem, a router and a wireless access point. Together they allow any operation in the web interface to be performed without authentication.

The first vulnerability stems from the fact that the HTTP server code contains a hard-coded ability to serve images, CSS and other auxiliary files directly, without requiring authentication. The code checks the request against a mask of typical file names and extensions, but the check is implemented as a substring search over the entire URL, request parameters included. If the substring is present anywhere, the page is served without verifying that the user is logged in to the web interface. An attack on a device therefore comes down to appending one of the listed names to the request; for example, to reach the WAN settings page, one can send the request "https://10.0.0.1/WAN_wan.htm?pic.gif".


The second vulnerability stems from the use of the strcmp function to compare the username and password. strcmp compares character by character until it reaches a difference or a character with code zero, which marks the end of the string. An attacker can therefore guess the password one character at a time, measuring the time it takes for an authentication error to be returned: if the response time increases, the correct character has been chosen and the attacker can move on to guessing the next character in the string.
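As an added illustration of the first two bugs described above (example code written for this page, not the vendor's firmware), the C snippet below contrasts a static-asset allow-list applied as a substring search over the whole URL with a check that looks only at the path component and requires the extension to end the file name, and replaces strcmp's early-exit comparison with a constant-time one. The extension list is an assumed one chosen for the example.

```c
#include <stddef.h>
#include <string.h>

/* Extensions that may be served without a session (assumed list for this example). */
static const char *const kStaticExt[] = { ".gif", ".png", ".jpg", ".css", ".js", NULL };

/* Flawed pattern described in the article: a substring search over the whole URL,
 * query string included, so "/WAN_wan.htm?pic.gif" is treated as a static image. */
int is_static_flawed(const char *url)
{
    for (size_t i = 0; kStaticExt[i] != NULL; i++)
        if (strstr(url, kStaticExt[i]) != NULL)
            return 1;
    return 0;
}

/* Hardened check: consider only the path (everything before '?' or '#'),
 * and require the extension to be the final part of that path. */
int is_static_hardened(const char *url)
{
    size_t path_len = strcspn(url, "?#");      /* drop query string and fragment */
    if (path_len == 0 || url[0] != '/')
        return 0;
    for (size_t i = 0; kStaticExt[i] != NULL; i++) {
        size_t ext_len = strlen(kStaticExt[i]);
        if (path_len > ext_len &&
            memcmp(url + path_len - ext_len, kStaticExt[i], ext_len) == 0)
            return 1;
    }
    return 0;
}

/* Constant-time credential comparison in place of strcmp: the loop always runs
 * over the full stored length, so timing does not reveal the first mismatch. */
int ct_equal(const char *provided, size_t p_len, const char *stored, size_t s_len)
{
    unsigned char diff = (unsigned char)(p_len != s_len);
    for (size_t i = 0; i < s_len; i++) {
        unsigned char p = (i < p_len) ? (unsigned char)provided[i] : 0;
        diff |= (unsigned char)(p ^ (unsigned char)stored[i]);
    }
    return diff == 0;
}
```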

The third vulnerability allows the password to be extracted from a saved configuration dump, which can itself be obtained through the first vulnerability (for example, by sending the request "http://10.0.0.1:8080/NETGEAR_DGN2200.cfg?pic.gif"). The password is stored in the dump in encrypted form, but the encryption uses the DES algorithm with the constant key "NtgrBak", which can be recovered from the firmware.


Ukuze kuxhashazwe ubungozi, kufanele kwenzeke ukuthumela isicelo embobeni yenethiwekhi lapho okusetshenziswa kubonwa kuwebhu (kusuka kunethiwekhi yangaphandle, ukuhlasela kungenziwa, isibonelo, kusetshenziswa inqubo "ye-DNS rebinding"). Izinkinga sezilungisiwe kakade ku-firmware update 1.0.0.60.

Source: opennet.ru
