keywords: ip pbx voip gateway gsm gateway

×

Notice

The forum is in read only mode.
× Questions about VS-GW2120/GW1600/GW1202 and WGW1002G GSM Series VoIP Gateway

SWG-2032-4s Dropbear < 2020.79 Mishandling Filenames Vulnerability

1 year 1 month ago #15328 by imbc00
hello,

my wireless gateway got Vulnerability. please let me know how to upgrade dropbear version, detail as follow:

wireless gateway version: SWG-2032-4s
system version is : 2.2.0



CVSS:
8.1
Serverity:
High
Vulnerability Title:
Dropbear < 2020.79 Mishandling Filenames Vulnerability
Summary:
Dropbear is mishandling the filename.or an empty filename.
Specific Result:
Installed version: 2019. 78 Fixed version: 2020. 79 Installation path / port: 12345/tcp
Impact:
Successful exploitation would allow an attacker to modify the permissions of the target directory on the client side.
Solution (Vendor Fix):
Update Dropbear to version 2020.79 or later.
Affected Software/ OS:
Dropbear before version 2020.79.
References:
www.cvedetails.com/cve/CVE-2020-36254/

regard,
Attachments:
1 year 1 month ago #15329 by cindy.zuo
Hello,
2.2.0 is the latest version of the system. We have submitted this vulnerability problem to the R&D. Please pay attention to the update of the subsequent version.
1 year 1 month ago #15330 by imbc00
hi Cindy,

is there any ETA? when I can update the version which included the fix regarding my vulnerability
1 year 1 month ago #15331 by cindy.zuo
Hello,
I don't know now, this depends on the work schedule of the R&D department
1 year 1 month ago #15332 by imbc00
hi Cindy,

could you please follow up with your R&D team?
checking online firmware still remains 2.2.0 version
Attachments:
1 year 1 month ago #15333 by cindy.zuo
This issue has not been fixed and the latest version is 2.2.0
Time to create page: 0.036 seconds
Powered by Kunena Forum