15 vulnerabilities discovered in software development kit for wireless routers

Jul 10, 2024 08:00 pm Cyber Security 79

Cisco Talos’ Vulnerability Research team recently discovered 15 vulnerabilities in the Realtek rtl819x Jungle software development kit used in some small and home office wireless routers.

This SDK uses the discontinued, open-source Boa as its web server. Talos researchers discovered these vulnerabilities in the Jungle SDK while researching other vulnerabilities in the LevelOne WBR-6013 wireless router, which are also covered in this blog post. 

Realtek has patched these issues in the SDK, all in adherence to Cisco’s third-party vulnerability disclosure policy, while LevelOne has declined to release a fix.

For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website

Multiple vulnerabilities in Realtek rtl819x Jungle SDK

Discovered by Francesco Benvenuto and Kelly Patterson.

The Realtek rtl819x Jungle software development kit contains 15 vulnerabilities, some of which could lead to arbitrary execution. The SDK uses Boa — a deprecated, open-source software — as a webserver. 

The LevelOne WBR-6013, a small and home office (SOHO) wireless router, uses Jungle as its SDK.

Multiple stack-based buffer overflow vulnerabilities arise if an adversary sends a specially crafted set of HTTP requests to the targeted device:

TALOS-2023-1875 (CVE-2023-49073)TALOS-2023-1876 (CVE-2023-48270)TALOS-2023-1878 (CVE-2 ..

Support the originator by clicking the read the rest link below.
vulnerabilities discovered software development wireless routers
Read The Rest from the original source
blog.talosintelligence.com

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!