Wednesday, 09 July 2025

Millions of IoT Devices at Risk due to Bugs Found in Realtek Wi-Fi SDK

Realtek has warned of four vulnerabilities found in three SDKs for Wi-Fi modules. These modules are used in almost 200 IoT device models made by at least 65 vendors.

The discovered flaws affect Realtek SDK v2.x, Realtek Jungle SDK v3.0, v3.1, v3.2, v3.4.x, v3.4T, v3.4T-CT, and Realtek Luna SDK up to version 1.3.2. These bugs could be abused to fully compromise the target device and execute arbitrary code with the highest level of privilege.

The following vulnerabilities were found in the listed SDKs:

CVE-2021-35392 (CVSS score: 8.1): Heap buffer overflow in 'WiFi Simple Config' server;

CVE-2021-35393 (CVSS score: 8.1): Stack buffer overflow in 'WiFi Simple Config' server;

CVE-2021-35394 (CVSS score: 9.8): Multiple buffer overflow vulnerabilities and an arbitrary command injection vulnerability in 'UDPServer' MP tool;

CVE-2021-35395 (CVSS score: 9.8): Multiple buffer overflow vulnerabilities in HTTP web server 'boa'.

These problems can pose a threat to many devices that use the company's Wi-Fi modules. The list includes travel routers, Wi-Fi repeaters, IP cameras, "smart" toys and other devices from a wide range of manufacturers such as AIgital, ASUSTek, Beeline, Belkin, Buffalo, D-Link, Edimax, Huawei, LG, Logitech, MT-Link, Netis, Netgear, Occtel, PATECH, TCL, Sitecom, ZTE, Zyxel, and Realtek's own router lineup.

The security issues are said to have remained in Realtek's codebase for more than a decade. The vulnerabilities are currently fixed.

Source: xakep.ru

25 August 2021
