How To Fix CVE-2021-45608- A RCE Vulnerability In NetUSB Affect Millions Of Routers?

Security researchers from Sentinel Labs disclosed a high severity remote code execution vulnerability in the NetUSB module. The flaw tracked as CVE-2021-45608 is a buffer overflow vulnerability that allows attackers to execute code remotely on the millions of routers that run the NetUSB module. Since all well-known router manufacturers use KCodes’s NetUSB component as a major form factor to add USB-based services on their routers, securing your router to protect your internet communication is critical. So, let’s see How to Fix CVE-2021-45608- A RCE Vulnerability in NetUSB Affect Millions of Routers.

What Is NetUSB?

How To Fix CVE-2021-45608- A RCE Vulnerability In NetUSB Affect Millions Of Routers?
USB Over IP (KCodes)

NetUSB is a USB over IP solution developed by Kcodes. It allows USB devices a network communication functionality through USB ports on the routers. Router manufacturers use this module in their routers to provide an additional feature to their customers. NetUSB enables a router to connect USB devices connected to its USB port to other devices in the network. For example, A NetUSB enabled router will allow you to access the hard drive remotely through the USB port of the router. Similarly, a NetUSB enabled router will allow you to interact with your USB printer sitting remotely.

Router Modules Affected With CVE-2021-45608:

It is hard to list out the products affected by the CVE-2021-45608 vulnerability since all well-known router manufacturers use this component in their routers.

  • Netgear
  • TP-Link
  • Tenda
  • EDiMAX
  • DLink
  • Western Digital

Summary Of CVE-2021-45608 (A RCE Vulnerability In NetUSB Affect Millions Of Routers):

Associated CVE ID CVE-2021-45608
Description A RCE Vulnerability in NetUSB
Associated ZDI ID NA
CVSS Score 9.8 Critical
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score 5.9
Exploitability Score 3.9
Attack Vector (AV) Network
Attack Complexity (AC) Low
Privilege Required (PR) None
User Interaction (UI) None
Scope Unchanged
Confidentiality (C) High
Integrity (I) High
availability (a) High

How To Fix CVE-2021-45608- A RCE Vulnerability In NetUSB Affect Millions Of Routers?

Since the flaw lice in the third party component, nothing is done from the users’ end. The best way to fix the CVE-2021-45608 vulnerability is a firmware update. You should need to explore the new updates released by your vendor and update them as soon as you can.

Time needed: 10 minutes.

How To Fix CVE-2021-45608, A Pre-Authentication Buffer Overflow Vulnerability?

You can fix the CVE-2021-45608 vulnerability by upgrading the firmware of your product to the latest version.

Netgear has released firmware updates for a few of its models. Follow these steps to update your firmware of the Netgear router. We always recommend contacting the vendor for clear information.

There was another buffer overflow vulnerability disclosed in November 2021. The same procedure will fix the CVE-2021-34991 vulnerability. It is always a best practice to keep your router’s firmware up to date to protect your internet communication.

  1. Visit the Netgear Support site

    URL: https://www.netgear.com/support/

    Netgear Support Portal

  2. Search your product in the search box

    As soon as you start typing your model number in the search box, you will see your model in the drop-down menu. Select your model as soon as it appears.

    Seaarch your product in the search box

  3. Download the firmware

    Click on the download button to download the firmware for your model.
    Under Current Versions, select the first download whose title begins with Firmware Version.

    Download the Netgear firmware

  4. Install the firmware

    Follow the instructions to install the firmware version. Please refer to the installation guide of your product for further assistance.

    Note: Click on the Documents button to download the installation guide and other documentation about the product.

    Download the documentation of Netgear

We hope this post will help you in knowing how to fix CVE-2021-45608- A RCE Vulnerability in NetUSB Affect Millions of Routers. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this.

原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/270127.html

(0)
上一篇 2022年6月24日
下一篇 2022年6月24日

相关推荐

发表回复

登录后才能评论