Firmware security company IoT Inspector said its researchers have identified more than a dozen vulnerabilities in SDKs provided by Realtek to companies that use its RTL8xxx chips. The security flaws can be exploited to cause a denial of service (DoS) condition and for command injection, and some of them can be leveraged by remote attackers to take complete control of a targeted device, without requiring authentication.
According to IoT Inspector, an internet search revealed nearly 200 unique types of affected devices from a total of 65 different vendors, including IP cameras, routers, residential gateways, Wi-Fi repeaters, and toys. The list of impacted manufacturers and vendors includes ASUS, Belkin, D-Link, Huawei, LG, Logitech, Netgear, ZTE and Zyxel.