Vulnerability Description
Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface (TCP port 20005) cannot be ruled out; however, exploitability was judged to be of "rather significant complexity" but not "impossible." The overflow is in SoftwareBus_dispatchNormalEPMsgOut in the KCodes NetUSB kernel module. Affected NETGEAR devices are D7800 before 1.0.1.68, R6400v2 before 1.0.4.122, and R6700v3 before 1.0.4.122.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netgear | D7800 Firmware | < 1.0.1.68 |
| Netgear | D7800 | - |
| Netgear | R6400V2 Firmware | < 1.0.4.122 |
| Netgear | R6400V2 | - |
| Netgear | R6700V3 Firmware | < 1.0.4.122 |
| Netgear | R6700V3 | - |
Related Weaknesses (CWE)
References
- https://kb.netgear.com/000064437/Security-Advisory-for-Pre-Authentication-BufferPatchVendor Advisory
- https://www.sentinelone.com/labs/cve-2021-45608-netusb-rce-flaw-in-millions-of-eExploitPatchThird Party Advisory
- https://kb.netgear.com/000064437/Security-Advisory-for-Pre-Authentication-BufferPatchVendor Advisory
- https://www.sentinelone.com/labs/cve-2021-45608-netusb-rce-flaw-in-millions-of-eExploitPatchThird Party Advisory
FAQ
What is CVE-2021-45608?
CVE-2021-45608 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface (TCP port ...
How severe is CVE-2021-45608?
CVE-2021-45608 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-45608?
Check the references section above for vendor advisories and patch information. Affected products include: Netgear D7800 Firmware, Netgear D7800, Netgear R6400V2 Firmware, Netgear R6400V2, Netgear R6700V3 Firmware.