¿ø¹® ¸µÅ©:
- CISA Advices Owners of Certain D-Link Routers to Urgently Retire Them
- The US Cybersecurity and Infrastructure Security Agency, or CISA, is advising consumers and businesses to retire a whole range of D-Link routers, due to the devices being EOL. This is due to a severe vulnerability that affects the devices that goes under the CVE-ID of CVE-2021-45382. This is a remot...
https://www.techpowerup.com/293794/cisa-advices-owners-of-certain-d-link-routers-to-urgently-retire-them
±¸±Û ¹ø¿ª:
¹Ì±¹ »çÀ̹ö º¸¾È ¹× ±â¹Ý ½Ã¼³ º¸¾È±¹(CISA)Àº ¼ÒºñÀÚ¿Í ±â¾÷¿¡ ÀåÄ¡°¡ ´ÜÁ¾µÇ±â ¶§¹®¿¡ Àüü ¹üÀ§ÀÇ D-Link ¶ó¿ìÅ͸¦ Æó±âÇÒ °ÍÀ» ±Ç°íÇÏ°í ÀÖ½À´Ï´Ù. ÀÌ´Â CVE-2021-45382ÀÇ CVE-ID¿¡ ÇØ´çÇÏ´Â ÀåÄ¡¿¡ ¿µÇâÀ» ¹ÌÄ¡´Â ½É°¢ÇÑ Ãë¾àÁ¡ ¶§¹®ÀÔ´Ï´Ù. ÀÌ°ÍÀº ¿ø°Ý ¸í·É ½ÇÇà(RCE) Ãë¾àÁ¡À̸ç D-Link¿¡ ÀÇÇØ ÆÐÄ¡µÉ °¡´É¼ºÀÌ ¾øÀ¸¸ç ÀÌ·¯ÇÑ ÀåÄ¡¸¦ ¼µÑ·¯ ¿ÀÇÁ¶óÀÎÀ¸·Î ÀüȯÇØ¾ß ÇÒ ¸¸Å ½É°¢ÇÑ °ÍÀ¸·Î °£Áֵ˴ϴÙ. Ãë¾àÁ¡À¸·Î ÀÎÇØ °ø°ÝÀÚ´Â ncc2 ¼ºñ½ºÀÇ "Áø´Ü ÈÄÅ©"¸¦ »ç¿ëÇÏ¿© ÀÌ·¯ÇÑ ÀåÄ¡¸¦ ÀμöÇÒ ¼ö ÀÖ½À´Ï´Ù. ÀÌ ¼ºñ½º´Â DDNS ±â´É¿¡ ¿¬°áµÇ¾î ÀÖÀ¸¸ç °ø°ÝÀÚ°¡ ¾Ç¼º Äڵ带 »ðÀÔÇÏ¿© Àüü ¾×¼¼½º ±ÇÇÑÀ» ¾òÀ» ¼ö ÀÖ½À´Ï´Ù.
°³³ä Áõ¸í ÄÚµå´Â ÀÌ¹Ì GitHub¿¡ Á¸ÀçÇϹǷΠÀÌ °ø°Ý º¤ÅÍ°¡ »ç¿ëµÉ °¡´É¼ºÀÌ ´õ ³ô¾ÆÁý´Ï´Ù. ÇöÀç±îÁö ¾Ë·ÁÁø ¿µÇâÀ» ¹Þ´Â ÀåÄ¡´Â D-Link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L ¹× DIR-836LÀÌ¸ç ¸ðµç Çϵå¿þ¾î ¹öÀüÀÌ ¿µÇâÀ» ¹Þ½À´Ï´Ù. ÀÌ·¯ÇÑ ¶ó¿ìÅÍÀÇ ´ëºÎºÐÀº 2012³â¿¡¼ 2014³â »çÀÌ¿¡ Ãâ½ÃµÇ¾úÀ¸¸ç Realtek ¶Ç´Â Ralink(ÇöÀç MediaTek) Çϵå¿þ¾î·Î º¸ÀÌ´Â °ÍÀ» ±â¹ÝÀ¸·Î ÇÏ´Â 802.11n ¶Ç´Â 802.11ac ÀåÄ¡ÀÔ´Ï´Ù. D-Link DIR-610 ¹× DIR-645¿Í Netgear DGN2200µµ CISA°¡ Æó±â¸¦ ±ÇÀåÇÏ´Â ÀåÄ¡À̱⠶§¹®¿¡ CISA°¡ ÃÖ±Ù¿¡ Á¶¾ðÇÑ ÀåÄ¡´Â À̰͸¸ÀÌ ¾Æ´Õ´Ï´Ù.
|