EUVD-2019-14623

Malware in sbrugna...

EUVD-2019-14624

Malware in sbrugna...

New KCodes NetUSB Bug Affect Millions of Routers from Different Vendors

Cybersecurity researchers have detailed a high severity flaw in KCodes NetUSB component that's integrated into millions of end-user router devices from Netgear, TP-Link, Tenda, EDiMAX, D-Link, and Western Digital, among others. KCodes NetUSB is a Linux kernel module that enables devices on a loca...

CVE-2021-45608

Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface TCP port 20005 cannot be ruled out; however, exploitability was judged to be of "rather significant...

Integer overflow

Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface TCP port 20005 cannot be ruled out; however, exploitability was judged to be of "rather significant...

Threat Source newsletter (June 20, 2019)

Newsletter compiled by Jonathan Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. This week, we disclosed two vulnerabilities in KCodes’ NetUSB kernel module contains that could allow an attacker to inappropriatel...

Memory corruption

An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. A specially crafted index value can cause an invalid memory...

CVE-2019-5017

CVE-2019-5017 concerns KCodes NetUSB.ko in NETGEAR Nighthawk/other routers. The TALOS advisories confirm an unauthenticated remote kernel information-disclosure vulnerability in NetUSB.ko that can return multiple addresses, including a base address for NetUSB.ko (e.g., 0xBF111000) via crafted pac...

Vulnerability Spotlight: Two bugs in KCodes NetUSB affect some NETGEAR routers

Dave McDaniel of Cisco Talos discovered these vulnerabilities. Executive summary KCodes’ NetUSB kernel module contains two vulnerabilities that could allow an attacker to inappropriately access information on some NETGEAR wireless routers. Specific models of these routers utilize the kernel modul...

KCodes NetUSB unauthenticated remote kernel information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the KCodes NetUSB.ko kernel module that enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. An unauthenticated, remote attacker can craft and se...

NetUSB - Kernel Stack Buffer Overflow

NetUSB - Kernel Stack Buffer Overflow !/usr/bin/env python -- coding: utf-8 -- Exploit Title: NetUSB Kernel Stack Buffer Overflow Date: 9/10/15 Exploit Author: Adrian Ruiz Bermudo Vendor Homepage: http://www.kcodes.com/ Version: Multiple:...

Linux/MIPS Kernel NetUSB - Remote Code Execution Exploit

Exploit for multiple platform in category remote exploits !/usr/bin/env python Source: http://haxx.in/blasty-vs-netusb.py CVE-2015-3036 - NetUSB Remote Code Execution exploit Linux/MIPS =========================================================================== This is a weaponized exploit for th...

CVE-2015-3036

Stack-based buffer overflow in the runinitsbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005...

CVE-2015-3036

CVE-2015-3036 is a stack-based overflow in the KCodes NetUSB Linux kernel module (run_init_sbus) that affects NetUSB-enabled devices from NETGEAR, TP-LINK and others. Attackers can trigger it by sending a long computer name in a session on TCP port 20005, potentially allowing remote code executio...

KCodes NetUSB Vulnerability Details Surface

The Department of Homeland Security-sponsored CERT at Carnegie Mellon University today issued an alert warning of a serious vulnerability in KCode NetUSB, which is integrated into products sold by a number of networking vendors. KCodes NetUSB is a Linux kernel module that enables several users on...

KCodes NetUSB kernel driver is vulnerable to buffer overflow

Overview KCodes NetUSB is vulnerable to a buffer overflow via the network that may result in a denial of service or code execution. Description KCodes NetUSB is a Linux kernel module that provides USB over IP. It is used to provide USB device sharing on a home user network.CWE-120: Buffer Copy...