CVE-2021-45608

CWE-190Integer OverflowCWE-120Classic Buffer Overflow5 documents4 sources
Severity
9.8CRITICAL
EPSS
5.0%
top 10.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Netgear D7800 FirmwareNetgear R6400v2 FirmwareNetgear R6700v3 Firmware
Timeline
PublishedDec 26
Latest updateJan 11

Description

Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface (TCP port 20005) cannot be ruled out; however, exploitability was judged to be of "rather significant complexity" but not "impossible." The overflow is in SoftwareBus_dispatchNormalEPMsgOut in the KCodes NetUSB kernel module. Affected NETGEAR devices are D7800 before 1.0.1.68, R6400v2 before 1.0.4.122, and R6

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:NExploitability: 2.2 | Impact: 4.2

Affected Packages3 packages

NVDnetgear/d7800_firmware< 1.0.1.68
NVDnetgear/r6400v2_firmware< 1.0.4.122
NVDnetgear/r6700v3_firmware< 1.0.4.122

Patches

Patch: kb.netgear.comPatch: www.sentinelone.comPatch: kb.netgear.com

🔴Vulnerability Details

2
GHSA
GHSA-6x83-8r8h-3w2x: Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker2021-12-27
CVEList
CVE-2021-45608: Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker2021-12-26

🕵️Threat Intelligence

2
Sentinelone
CVE-2021-45608 | NetUSB RCE Flaw in Millions of End User Routers2022-01-11
Sentinelone
CVE-2021-45608 | NetUSB RCE Flaw in Millions of End User Routers2022-01-11
CVE-2021-45608 (CRITICAL CVSS 9.8) | Certain D-Link | cvebase.io