ID

VAR-200006-0121

TITLE

Allegro RomPager Abnormal URL Request Denial of Service Attack

DESCRIPTION

Allegro's RomPager is an embedded WEB service product, which is more used to provide WWW management capabilities for network printers, switches and other network devices. If you submit a specially designed exception request, it may crash, often causing problems with the managed device, and the network device or even the entire network is unavailable at this time. All a remote attacker needs is a browser. Versions other than 2.10 may also be affected by this attack. The following is a list of some manufacturers' products known to use Allegro RomPager: 3Com: TotalSwitch LAN switching hubs LANLinker Dual Analog Router Acacia Networks: NovaSwitch Ethernet switches. APC: UPS products with web management Andover Controls Corporation: Infinity automated building controls Bizfon: Bizfon 680 Multifunction communications server D-Link Systems: DES-3225G 24-port 10 / 100Mbps Ethernet switch. DES-3224 + EdgePoint Networks: EdgeStar EdgeStackEdgeSwitch Extreme Networks: Summit Gigabit Switch Foundry Networks: BigIron Switching Routers, FastIron SwitchesNetIron Core Routers. (possibly entire product line ) Interspeed: System 1000 and 500 Central Office ADSL routers LANart Corporation: Segway Adaptive Microsegmentable Ethernet Hub Netopia Communications: Netopia ISDN router products NETsilicon, Inc .: NET + ARM product family Net To Net Technologies: IP DSL Access Multiplexer 12000 Network Peripherals: NuSwitch Ethernet switches and hubs Northern Telecom: Accelar Gigabit Ethernet Osicom: NETPrint 1000 print server various Ethernet switch products Proxim: RangeLAN2 QMS: various networked printers Xerox: DocuPrint laser printers

IOT TAXONOMY

AFFECTED PRODUCTS

EXTERNAL IDS

SOURCES

LAST UPDATE DATE

2022-05-04T09:08:11.396000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE