February 8, 2023

Researchers have discovered a critical vulnerability (CVE-2021-45608) in KCodes NetUSB component that is present in millions of end-user routers from different vendors, including Netgear, TP-Link, Tenda, EDiMAX, D-Link, and Western Digital.

NetUSB is a product developed by KCodes to allow remote devices in a network to interact with USB devices connected to a router. Users could interact with a printer or a hard drive plugged into a router via network using a driver on their computer that allows communication with the network device.

The flaw is a buffer overflow vulnerability that can be exploited by remote attackers to execute code in the kernel and carry out malicious activities.

A threat actor could send crafted commands to internet-connected routers on port 20005. Provided there were no firewall rules in place to block it, that would mean it was listening on the WAN as well as the LAN. A remoting can be done. But it’s not easy to exploit the issue.

The issue was reported to Kcodes , and in October the company released security updates to address this flaw.

Unfortunately, it is impossible to know which are the vendors that already applied the security updates released by the company. At present only nly Netgear has released security updates for its impacted models.

Leave a Reply

%d bloggers like this: