How are others dealing with CVE-2020-29491 and CVE-2020-29492 and Prioritizing

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #53995
    Avatartwmclean
    Participant
    • Total Post: 6
    • Newbie

    Just back from Christmas vacation and alerted to these exploits.  Just curious how others plan to deal with and what level of priority you are placing on updating?

    Hoping to start a conversation.

    Thanks

    #53998
    Avatarlolix
    Participant
    • Total Post: 176
    • Jacked into The Matrix
    • ★★★★★★

    If your share is read-only, I don’t see any reason to freak-out, whatever the protocol.

    (Assuming you did not put such things as a VNC password in clear text in your wnos.ini.)

    This is common sense, not a vulnerability.

    The real problem seems to be {username}.ini usage which require a share w/ Write permission.

     

    • This reply was modified 4 months, 1 week ago by Avatarlolix.
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.