Japan Vulnerability Notes, JVN:22440986
Dec 18, 2014 - 12:00 a.m.

JVN#22440986: Multiple Allied Telesis products vulnerable to buffer overflow

2014-12-18 00:00:00
Japan Vulnerability Notes
jvn.jp

CVSS2: 10 High

  Attack Vector: NETWORK
  Attack Complexity: LOW
  Authentication: NONE
  Confidentiality Impact: COMPLETE
  Integrity Impact: COMPLETE
  Availability Impact: COMPLETE

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.013 Low (Percentile: 86.1%)

AR Router Series and Alliedware switches provided by Allied Telesis Group contain a buffer overflow vulnerability (CWE-788) due to a flaw when processing a POST method.

Impact

Arbitrary code may be executed when processing a specially crafted HTTP request.

Solution

Update the Firmware
Update to the latest version according to the information provided by the developer.

Apply a workaround
The following workaround may mitigate the effects of this vulnerability.

  • Disable HTTP services (use the command “DISABLE HTTP SERVER”)
  • Restrict HTTP access

Products Affected

The following products with the firmware version 2.9.1-20 and earlier are affected.

Routers

  • CentreCOM AR300 v2 (End of Support)

  • CentreCOM AR300L v2 (End of Support)

  • CentreCOM AR320 (End of Support)

  • CentreCOM AR410(S) v2 (End of Support)

  • CentreCOM AR720(S) (End of Support)

  • CentreCOM AR740(S) (End of Support)

  • CentreCOM AR450S (End of Support)

  • CentreCOM AR415S

  • CentreCOM AR550S

  • CentreCOM AR560S

  • CentreCOM AR570S

  • AR440S

  • AR441S

  • AR442S

  • AR745

  • AR750S

  • AR750S-DP

Switches

  • CentreCOM 8700XL Series (End of Support)

  • CentreCOM 9812T Series (End of Support)

  • CentreCOM 9816GB Series (End of Support)

  • CentreCOM 9924Ts Series (End of Support)

  • CentreCOM 9924T/4SP Series (End of Support)

  • CentreCOM 9924SP (End of Support)

  • CentreCOM 8700SL Series

  • CentreCOM 8948XL Series

  • CentreCOM 8724SLv2

  • SwitchBlade4000

  • AT-8624T/2M

  • AT-8648T/2SP

  • AT-8624POE

  • AT-8848

  • AT-9924T

  • Rapier 48i
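
An inventory triage against the product lists and the 2.9.1-20 version ceiling above, as an added example that is not part of the JVN advisory or of the vendor's material. The name normalisation, the assumed version format and the inventory rows are constructed for illustration.

```python
import re

LAST_AFFECTED = (2, 9, 1, 20)  # advisory: firmware 2.9.1-20 and earlier
# Product list from the advisory; '*' marks models listed as End of Support.
ADVISORY_MODELS = """
AR300 v2*; AR300L v2*; AR320*; AR410(S) v2*; AR720(S)*; AR740(S)*; AR450S*;
AR415S; AR550S; AR560S; AR570S; AR440S; AR441S; AR442S; AR745; AR750S; AR750S-DP;
8700XL*; 9812T*; 9816GB*; 9924Ts*; 9924T/4SP*; 9924SP*; 8700SL; 8948XL; 8724SLv2;
SwitchBlade4000; AT-8624T/2M; AT-8648T/2SP; AT-8624POE; AT-8848; AT-9924T; Rapier 48i
"""

def normalize(model):
    # Drop branding words, case and spacing so inventory names compare equal.
    name = re.sub(r"\b(CENTRECOM|SERIES)\b", "", model.upper())
    return re.sub(r"\s+", "", name)

def build_index(listing):
    index = {}
    for entry in filter(None, (e.strip() for e in listing.split(";"))):
        eos, name = entry.endswith("*"), entry.rstrip("*")
        # "AR410(S) v2" covers both the AR410 and the AR410S variant.
        for variant in {name.replace("(S)", "S"), name.replace("(S)", "")}:
            index[normalize(variant)] = eos
    return index

MODEL_INDEX = build_index(ADVISORY_MODELS)

def parse_version(text):
    # Assumption: versions look like "2.9.1-20" and order numerically by field.
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)-(\d+)", text.strip())
    return tuple(int(g) for g in m.groups()) if m else None

def triage(model, firmware):
    key, version = normalize(model), parse_version(firmware)
    if key not in MODEL_INDEX:
        return "not-listed"
    if version is None:
        return "review"  # unrecognised version string: check by hand
    if version > LAST_AFFECTED:
        return "above-affected-range"
    return "affected-eos" if MODEL_INDEX[key] else "affected"

# Constructed inventory rows (host, model, firmware); not real devices.
INVENTORY = [("edge-rt-01", "CentreCOM AR415S", "2.9.1-18"),
             ("lab-rt-02", "AR410 v2", "2.9.1-20"),
             ("core-sw-01", "CentreCOM 8948XL Series", "2.9.1-21")]

if __name__ == "__main__":
    for host, model, fw in INVENTORY:
        print(host, triage(model, fw))
```

Devices reported as "affected" or "affected-eos" are the ones to update or to place behind the HTTP workaround listed under Solution; "review" means the firmware string did not match the assumed format.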
