Lucene search
PRIOn knowledge basePRION:CVE-2021-45608HistoryDec 26, 2021 - 1:15 a.m.
Integer overflow
2021-12-2601:15:00
PRIOn knowledge base
www.prio-n.com
8
Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface (TCP port 20005) cannot be ruled out; however, exploitability was judged to be of “rather significant complexity” but not “impossible.” The overflow is in SoftwareBus_dispatchNormalEPMsgOut in the KCodes NetUSB kernel module. Affected NETGEAR devices are D7800 before 1.0.1.68, R6400v2 before 1.0.4.122, and R6700v3 before 1.0.4.122.
| CPE | Name | Operator | Version |
|---|---|---|---|
| d7800_firmware | lt | 1.0.1.68 | |
| r6400v2_firmware | lt | 1.0.4.122 | |
| r6700v3_firmware | lt | 1.0.4.122 |
Related
cve
cve
CVE-2021-45608
2021-12-26 01:15:18
CVE-2021-45388
2022-01-12 17:15:08
cvelist
cvelist
CVE-2021-45608
2021-12-26 00:37:23
nvd
nvd
CVE-2021-45608
2021-12-26 01:15:18
CVE-2021-45388
2022-01-12 17:15:08
thn
thn
New KCodes NetUSB Bug Affect Millions of Routers from Different Vendors
2022-01-11 11:59:00