CVE-2021-45608

Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface (TCP port 20005) cannot be ruled out; however, exploitability was judged to be of "rather significant complexity" but not "impossible." The overflow is in SoftwareBus_dispatchNormalEPMsgOut in the KCodes NetUSB kernel module. Affected NETGEAR devices are D7800 before 1.0.1.68, R6400v2 before 1.0.4.122, and R6700v3 before 1.0.4.122.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*

History

29 Apr 2022, 01:57

Type Values Removed Values Added
CWE CWE-120 CWE-190
References (MISC) https://www.sentinelone.com/labs/cve-2021-45608-netusb-rce-flaw-in-millions-of-end-user-routers/ - (MISC) https://www.sentinelone.com/labs/cve-2021-45608-netusb-rce-flaw-in-millions-of-end-user-routers/ - Exploit, Patch, Third Party Advisory

12 Jan 2022, 17:15

Type Values Removed Values Added
References
  • (MISC) https://www.sentinelone.com/labs/cve-2021-45608-netusb-rce-flaw-in-millions-of-end-user-routers/ -
Summary Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.68, R6400v2 before 1.0.4.122, and R6700v3 before 1.0.4.122. Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface (TCP port 20005) cannot be ruled out; however, exploitability was judged to be of "rather significant complexity" but not "impossible." The overflow is in SoftwareBus_dispatchNormalEPMsgOut in the KCodes NetUSB kernel module. Affected NETGEAR devices are D7800 before 1.0.1.68, R6400v2 before 1.0.4.122, and R6700v3 before 1.0.4.122.

06 Jan 2022, 12:59

Type Values Removed Values Added
CWE CWE-120
First Time Netgear
Netgear r6700v3 Firmware
Netgear d7800
Netgear d7800 Firmware
Netgear r6400v2 Firmware
Netgear r6400v2
Netgear r6700v3
References (MISC) https://kb.netgear.com/000064437/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0278 - (MISC) https://kb.netgear.com/000064437/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0278 - Patch, Vendor Advisory
CPE cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 7.5
v3 : 9.8

26 Dec 2021, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-12-26 01:15

Updated : 2023-12-10 14:09


NVD link : CVE-2021-45608

Mitre link : CVE-2021-45608

CVE.ORG link : CVE-2021-45608


JSON object : View

Products Affected

netgear

  • d7800_firmware
  • r6400v2_firmware
  • d7800
  • r6700v3
  • r6400v2
  • r6700v3_firmware
CWE
CWE-190

Integer Overflow or Wraparound