{"id":4863,"date":"2023-05-30T21:00:57","date_gmt":"2023-05-30T19:00:57","guid":{"rendered":"https:\/\/sajberinfo.com\/?p=4863"},"modified":"2023-05-30T21:00:57","modified_gmt":"2023-05-30T19:00:57","slug":"zyxel-firewall-i-vpn-ranjivosti","status":"publish","type":"post","link":"https:\/\/sajberinfo.com\/en\/2023\/05\/30\/zyxel-firewall-i-vpn-ranjivosti\/","title":{"rendered":"Zyxel firewall and VPN vulnerabilities"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\"><em>Zyxel<\/em> has released security updates that address vulnerabilities in the company's <em>firewall<\/em> and <a href=\"https:\/\/sajberinfo.com\/en\/2021\/10\/17\/vpn-sigurno-mrezno-povezivanje\/\" target=\"_blank\" rel=\"nofollow noopener\"><em>VPN<\/em><\/a> products.<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-4866\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/05\/6847404246_905a0cd904_k.jpg\" alt=\"ZyXEL\" width=\"1024\" height=\"680\" srcset=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/05\/6847404246_905a0cd904_k.jpg 1024w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/05\/6847404246_905a0cd904_k-300x199.jpg 300w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/05\/6847404246_905a0cd904_k-768x510.jpg 768w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/05\/6847404246_905a0cd904_k-18x12.jpg 18w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p class=\"attribution\"><em>&#8220;<a href=\"https:\/\/www.flickr.com\/photos\/15505023@N02\/6847404246\" target=\"_blank\" rel=\"noopener noreferrer\">Network Security Gateway, ZyXEL ZyWALL USG 100<\/a>&#8221; by <a href=\"https:\/\/www.flickr.com\/photos\/15505023@N02\" target=\"_blank\" rel=\"noopener noreferrer\">pobre.ch<\/a> is licensed under <a href=\"https:\/\/creativecommons.org\/licenses\/by\/2.0\/?ref=openverse\" target=\"_blank\" rel=\"noopener noreferrer\">CC BY 2.0 <img decoding=\"async\" style=\"height: 1em; 
margin-right: 0.125em; display: inline;\" src=\"https:\/\/mirrors.creativecommons.org\/presskit\/icons\/cc.svg\" alt=\"\"><img decoding=\"async\" style=\"height: 1em; margin-right: 0.125em; display: inline;\" src=\"https:\/\/mirrors.creativecommons.org\/presskit\/icons\/by.svg\" alt=\"\"><\/a>.<\/em><\/p>\n<h2><span style=\"font-size: 14pt;\"><strong><em>Firewall<\/em> and <em>VPN<\/em> vulnerabilities<\/strong><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">The vulnerabilities discovered in <em>Zyxel<\/em> <em>firewall<\/em> and <em>VPN<\/em> products can allow an attacker to execute arbitrary code remotely. They are tracked as <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-33009\" target=\"_blank\" rel=\"noopener\"><em>CVE-2023-33009<\/em><\/a> and <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-33010\" target=\"_blank\" rel=\"noopener\"><em>CVE-2023-33010<\/em><\/a>, both are <em>buffer overflow<\/em> vulnerabilities, and both carry a <em>CVSS<\/em> score of <em>9.8<\/em> out of a maximum of <em>10<\/em>.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><em>CVE-2023-33009<\/em> is a buffer overflow vulnerability in the notification function that could allow an attacker to cause a 
<em>denial-of-service<\/em> (<em>DoS<\/em>) condition and remote execution of arbitrary code.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><em>CVE-2023-33010<\/em> is a buffer overflow vulnerability in the identity processing function that could allow an attacker to cause a denial-of-service condition and remote execution of arbitrary code.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span style=\"font-size: 14pt;\"><strong>Vulnerable devices<\/strong><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\"><em>Zyxel<\/em> has stated that devices running the following <em>firmware<\/em> are vulnerable:<\/span><\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li><span style=\"font-size: 14pt;\"><em>Zyxel ATP<\/em> with firmware versions <em>ZLD V4.32<\/em> to <em>V5.36 Patch 1<\/em> (fixed in <em>ZLD V5.36 Patch 2<\/em>)<\/span><\/li>\n<li><span style=\"font-size: 14pt;\"><em>Zyxel USG FLEX<\/em> with firmware versions <em>ZLD V4.50<\/em> to <em>V5.36 Patch 1<\/em> (fixed in <em>ZLD V5.36 Patch 2<\/em>)<\/span><\/li>\n<li><span style=\"font-size: 14pt;\"><em>Zyxel USG FLEX50(W)<\/em> \/ <em>USG20(W)-VPN<\/em> with firmware versions <em>ZLD V4.25<\/em> to <em>V5.36 Patch 1<\/em> (fixed in <em>ZLD V5.36 Patch 2<\/em>)<\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h4><span style=\"font-size: 14pt;\"><strong>Recommendations<\/strong><\/span><\/h4>\n<p><span style=\"font-size: 14pt;\">The vendor recommends that users of the affected products apply the latest security updates as soon as possible to eliminate the risk of attackers exploiting these two vulnerabilities.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">These devices are typically used by small and medium-sized businesses to protect their operations and to provide secure network access (<em>VPN<\/em>) to remote workers or workers 
who work from home.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><a href=\"https:\/\/sajberinfo.com\/en\/2022\/03\/19\/hakeri-crni-sesiri-epizoda-3\/\" target=\"_blank\" rel=\"nofollow noopener\">Malicious attackers<\/a> keep a close watch on all critical flaws affecting such devices, because these can make it easier for them to access business networks, so users should be vigilant and protect themselves in time.<\/span><\/p>","protected":false},"excerpt":{"rendered":"<p>Zyxel has released security updates that address vulnerabilities in the company's firewall and VPN products. &#8220;Network Security Gateway, ZyXEL ZyWALL USG 100&#8221; by pobre.ch is licensed under CC BY 2.0 . Firewall and&#46;&#46;&#46;<\/p>","protected":false},"author":1,"featured_media":4866,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[386,162,78,126,385],"class_list":["post-4863","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hronike","tag-denial-of-service-dos","tag-firewall","tag-vpn","tag-vulnerability","tag-zyxel"],"_links":{"self":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/4863","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/comments?post=4863"}],"version-history":[{"count":0,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/4863\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media\/4866"}],"wp:attachment":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media
?parent=4863"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/categories?post=4863"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/tags?post=4863"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}