16 matches found
CVE-2022-27641
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of...
EUVD-2022-29250
Malicious code in bioql PyPI...
EUVD-2022-29249
Malicious code in bioql PyPI...
CVE-2022-24353
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 1.1.4 Build 20211022 rel.591035553 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko module. The issue...
CVE-2022-24354
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 prior to 1.1.4 Build 20211022 rel.591035553 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko module. The...
CVE-2022-27641
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of...
Integer overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of...
CVE-2022-27641
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of...
CVE-2022-27641
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of...
PT-2021-6443 · NetGear · Netgear R6400V2 +5
Name of the Vulnerable Software and Affected Versions: NETGEAR R6700v3 version 1.0.4.120 10.0.91 NETGEAR D7800 affected versions not specified NETGEAR R6220 affected versions not specified NETGEAR R6230 affected versions not specified NETGEAR R6400v2 affected versions not specified NETGEAR R7000...
PT-2021-6114 · Tp Link · Tp-Link Ac1750
Name of the Vulnerable Software and Affected Versions: TP-Link AC1750 version 1.1.4 Build 20211022 rel.591035553 Description: The issue is related to a read past the end of an allocated buffer in the NetUSB.ko module, which can be exploited by network-adjacent attackers to execute arbitrary code ...
Threat Source newsletter (June 20, 2019)
Newsletter compiled by Jonathan Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. This week, we disclosed two vulnerabilities in KCodes’ NetUSB kernel module contains that could allow an attacker to inappropriatel...
Nighthawk AC3200 (R8000) NetUSB.ko Information Disclosure Vulnerability
The NETGEAR Nighthawk AC3200 is a tri-band wireless router from NETGEAR. An information disclosure vulnerability exists in NetUSB.ko version 1.0.2.66 in the Nighthawk AC3200 R8000 using firmware version 1.0.4.2810.1.54 11/7/18. The vulnerability stems from an error in configuration or other error...
Stack overflow
Stack-based buffer overflow in the runinitsbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005...
CVE-2015-3036
Stack-based buffer overflow in the runinitsbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005...
KCodes NetUSB module for Linux kernel stack buffer overflow vulnerability
KCodes NetUSB module for Linux kernel is a technology that utilizes 150KB Flash and 1MB RAM space to implement embedded linux kernel. A stack buffer overflow vulnerability exists in the KCodes NetUSB module for Linux kernel, which allows remote attackers to execute arbitrary code by providing a...