{"id":122117,"date":"2024-05-15T14:56:42","date_gmt":"2024-05-15T14:56:42","guid":{"rendered":"https:\/\/bas-ip.com\/?page_id=122117"},"modified":"2024-11-05T11:01:10","modified_gmt":"2024-11-05T11:01:10","slug":"bsa-000001","status":"publish","type":"page","link":"https:\/\/bas-ip.com\/hr\/bsa-000001\/","title":{"rendered":"BSA-000001"},"content":{"rendered":"<h2 class=\"wp-block-heading\" id=\"bsa-000001\">Pregled<\/h2>\n\n\n\n<p>U nekoliko BAS-IP portafonskih ure\u0111aja otkriven je problem. Pristupom web su\u010delju ili API-ju ure\u0111aja, napada\u010d mo\u017ee dobiti lozinke za RTSP poslu\u017eitelj ure\u0111aja i SIP ra\u010dun.<\/p>\n\n\n\n<p>BAS-IP klasificira ove ranjivosti kao srednje i preporu\u010duje korisnicima da nadograde pogo\u0111ene BAS-IP modele na najnoviju verziju firmvera.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"risk-assessment\">Procjena rizika<\/h2>\n\n\n\n<p>Potencijalni protivnik treba mre\u017eni pristup ure\u0111aju kako bi iskoristio ranjivosti. Protivnik zahtijeva vjerodajnice za uspje\u0161no kompromitiranje ure\u0111aja. Rizik ovisi o tome koliko je ure\u0111aj izlo\u017een. Ure\u0111aji okrenuti prema internetu (npr. izlo\u017eeni putem port-forwarda usmjeriva\u010da) izlo\u017eeni su velikom riziku. Proizvodi postavljeni na za\u0161ti\u0107enoj lokalnoj mre\u017ei izlo\u017eeni su manjem riziku.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"risk-mitigation\">Ubla\u017eavanje rizika<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Strogo se preporu\u010duje nadogradnja zahva\u0107enih modela na najnoviji firmware.<\/li>\n\n\n\n<li>Ne preporu\u010duje se izlaganje ure\u0111aja izravno internetu (proslje\u0111ivanje portova).<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"affected-models-and-patched-firmware\">Pogo\u0111eni modeli i zakrpani firmware<\/h2>\n\n\n\n<p>Popis zahva\u0107enih modela:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>AV-01D<\/li>\n\n\n\n<li>AV-01MD<\/li>\n\n\n\n<li>AV-01MFD<\/li>\n\n\n\n<li>AV-01ED<\/li>\n\n\n\n<li>AV-01KD<\/li>\n\n\n\n<li>AV-01BD<\/li>\n\n\n\n<li>AV-01KBD<\/li>\n\n\n\n<li>AV-02D<\/li>\n\n\n\n<li>AV-02IDE<\/li>\n\n\n\n<li>AV-02IDR<\/li>\n\n\n\n<li>AV-02IPD<\/li>\n\n\n\n<li>AV-02FDE<\/li>\n\n\n\n<li>AV-02FDR<\/li>\n\n\n\n<li>AV-03D<\/li>\n\n\n\n<li>AV-03BD<\/li>\n\n\n\n<li>AV-04AFD<\/li>\n\n\n\n<li>AV-04ASD<\/li>\n\n\n\n<li>AV-04FD<\/li>\n\n\n\n<li>AV-04SD<\/li>\n\n\n\n<li>AV-05FD<\/li>\n\n\n\n<li>AV-05SD<\/li>\n\n\n\n<li>AA-07BD<\/li>\n\n\n\n<li>AA-07BDI<\/li>\n\n\n\n<li>BA-04BD<\/li>\n\n\n\n<li>BA-04MD<\/li>\n\n\n\n<li>BA-08BD<\/li>\n\n\n\n<li>BA-08MD<\/li>\n\n\n\n<li>BA-12BD<\/li>\n\n\n\n<li>BA-12MD<\/li>\n\n\n\n<li>CR-02BD<\/li>\n<\/ul>\n\n\n\n<p>Zakrpana verzija firmvera:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>3.9.2<\/li>\n<\/ul>","protected":false},"excerpt":{"rendered":"<p>Pregled U nekoliko BAS-IP portafonskih ure\u0111aja otkriven je problem. Pristupom web su\u010delju ili API-ju ure\u0111aja, napada\u010d mo\u017ee dobiti lozinke za RTSP poslu\u017eitelj ure\u0111aja i SIP ra\u010dun. BAS-IP klasificira ove ranjivosti kao srednje i preporu\u010duje korisnicima da nadograde pogo\u0111ene BAS-IP modele na najnoviju verziju firmvera. Procjena rizika Potencijalni protivnik treba mre\u017eni pristup ure\u0111aju kako bi iskoristio [&hellip;]<\/p>","protected":false},"author":3,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"inline_featured_image":false,"footnotes":""},"class_list":["post-122117","page","type-page","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/bas-ip.com\/hr\/wp-json\/wp\/v2\/pages\/122117","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bas-ip.com\/hr\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/bas-ip.com\/hr\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/bas-ip.com\/hr\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/bas-ip.com\/hr\/wp-json\/wp\/v2\/comments?post=122117"}],"version-history":[{"count":1,"href":"https:\/\/bas-ip.com\/hr\/wp-json\/wp\/v2\/pages\/122117\/revisions"}],"predecessor-version":[{"id":122118,"href":"https:\/\/bas-ip.com\/hr\/wp-json\/wp\/v2\/pages\/122117\/revisions\/122118"}],"wp:attachment":[{"href":"https:\/\/bas-ip.com\/hr\/wp-json\/wp\/v2\/media?parent=122117"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}