Vulnerability Details : CVE-2021-45608
Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface (TCP port 20005) cannot be ruled out; however, exploitability was judged to be of "rather significant complexity" but not "impossible." The overflow is in SoftwareBus_dispatchNormalEPMsgOut in the KCodes NetUSB kernel module. Affected NETGEAR devices are D7800 before 1.0.1.68, R6400v2 before 1.0.4.122, and R6700v3 before 1.0.4.122.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2021-45608
Probability of exploitation activity in the next 30 days: 0.70%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 80 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2021-45608
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
6.5
|
MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N |
2.2
|
4.2
|
MITRE |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2021-45608
-
The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-45608
-
https://www.sentinelone.com/labs/cve-2021-45608-netusb-rce-flaw-in-millions-of-end-user-routers/
CVE-2021-45608 | NetUSB RCE Flaw in Millions of End User Routers - SentinelOneExploit;Patch;Third Party Advisory
-
https://kb.netgear.com/000064437/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0278
Security Advisory for Pre-Authentication Buffer Overflow on Multiple Products, PSV-2021-0278 | Answer | NETGEAR SupportPatch;Vendor Advisory
Products affected by CVE-2021-45608
- cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*