Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-45608
HistoryDec 26, 2021 - 1:15 a.m.

CVE-2021-45608

2021-12-2601:15:18
CWE-190
[email protected]
web.nvd.nist.gov
42
cve-2021-45608
d-link
edimax
netgear
tp-link
tenda
western digital
integer overflow
remote code execution
netusb
kernel module
nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.8%

JSON

Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface (TCP port 20005) cannot be ruled out; however, exploitability was judged to be of “rather significant complexity” but not “impossible.” The overflow is in SoftwareBus_dispatchNormalEPMsgOut in the KCodes NetUSB kernel module. Affected NETGEAR devices are D7800 before 1.0.1.68, R6400v2 before 1.0.4.122, and R6700v3 before 1.0.4.122.

Affected configurations

NVD
Node
netgeard7800_firmwareRange<1.0.1.68
AND
netgeard7800Match-
Node
netgearr6400v2_firmwareRange<1.0.4.122
AND
netgearr6400v2Match-
Node
netgearr6700v3_firmwareRange<1.0.4.122
AND
netgearr6700v3Match-

Related

prion 1
cvelist 1
nvd 2
cve 1
thn 1
prion
prion
Integer overflow
2021-12-26 01:15:00
cvelist
cvelist
CVE-2021-45608
2021-12-26 00:37:23
nvd
nvd
CVE-2021-45608
2021-12-26 01:15:18
CVE-2021-45388
2022-01-12 17:15:08
cve
cve
CVE-2021-45388
2022-01-12 17:15:08
thn
thn
New KCodes NetUSB Bug Affect Millions of Routers from Different Vendors
2022-01-11 11:59:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.8%

JSON
Related for CVE-2021-45608
prion1cvelist1nvd2cve1thn1