SecurityWeek

Router Vendors Working to Patch NetUSB Driver Vulnerability

Router manufacturers whose products have been confirmed to be affected by the recently disclosed NetUSB driver security flaw say they are working on developing firmware updates that address the vulnerability.

SEC Consult revealed last week that millions of routers could be exposed to attacks due to a kernel stack buffer overflow vulnerability (CVE-2015-3036) in the NetUSB driver from KCodes. The driver in question allows users to connect to USB devices plugged into a router or access point over the network.

The vulnerability, caused by insufficient input validation, can be triggered by connecting to the server from a client with a computer name longer than 64 characters. An unauthenticated attacker can exploit the flaw to cause a denial-of-service (DoS) condition or execute arbitrary code. The bug can be exploited by an attacker who has access to the local network, but exploitation over the Internet might also be possible in some cases.
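The input validation whose absence is described above, as an added example (not KCodes code and not from SEC Consult's advisory): a parser that bounds a client-supplied computer name to 64 bytes before copying it into a fixed buffer. The wire format (4-byte little-endian length followed by the name), the function names and the status codes are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX 64 /* limit from the article: longer names overflowed the buffer */
enum { NAME_OK = 0, NAME_TRUNCATED = -1, NAME_TOO_LONG = -2, NAME_BAD_ARG = -3 };

/* Assumed wire format (hypothetical): 4-byte little-endian length, then the name. */
int parse_computer_name(const uint8_t *msg, size_t msg_len, char *out, size_t out_size)
{
    uint32_t declared;

    if (!msg || !out || out_size < NAME_MAX + 1)
        return NAME_BAD_ARG;
    if (msg_len < 4)
        return NAME_TRUNCATED;
    declared = (uint32_t)msg[0] | ((uint32_t)msg[1] << 8) |
               ((uint32_t)msg[2] << 16) | ((uint32_t)msg[3] << 24);
    /* Reject on the fixed limit before any copy; the length is client-controlled. */
    if (declared > NAME_MAX)
        return NAME_TOO_LONG;
    /* The declared length must also fit in the bytes that actually arrived. */
    if (declared > msg_len - 4)
        return NAME_TRUNCATED;
    memcpy(out, msg + 4, declared);
    out[declared] = '\0';
    return NAME_OK;
}

/* Constructed input: header declares `declared` bytes, body carries `sent` bytes. */
int try_name(uint32_t declared, size_t sent)
{
    uint8_t msg[4 + 256];
    char name[NAME_MAX + 1];

    if (sent > 256)
        return NAME_BAD_ARG;
    for (int i = 0; i < 4; i++)
        msg[i] = (uint8_t)(declared >> (8 * i));
    memset(msg + 4, 'A', sent);
    return parse_computer_name(msg, 4 + sent, name, sizeof name);
}

int main(void)
{
    printf("64 bytes: %d, 65 bytes: %d, short body: %d\n",
           try_name(64, 64), try_name(65, 65), try_name(10, 4));
    return 0;
}
```

The limit is checked before the copy and independently of how many bytes were received, so an oversized declared length is refused even when the body is short.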

SEC Consult says it has found evidence that a total of 26 vendors use NetUSB. However, so far, the security hole has been confirmed to affect products from TP-Link, TRENDnet, ZyXEL, Netgear, and D-Link.

KCodes has failed to communicate with SEC Consult regarding the availability of a fix. However, the security firm has learned that the Taiwan-based tech company has started shipping patched versions of NetUSB to router vendors.

TP-Link started releasing fixes before SEC Consult disclosed the existence of the flaw. The other router vendors published advisories informing users of their intention to release firmware updates in the upcoming period.

TRENDnet says the vulnerability affects the following models: TEW-811DRU, TEW-812DRU, TEW-813DRU, TEW-818DRU, TEW-823DRU, and TEW-828DRU. The company hopes to release firmware updates for these devices in early June.

According to ZyXEL, the NetUSB vulnerability affects four of its products: Wireless N300 NetUSB Router (NBG-419N v2), Wireless N300 Gigabit NetUSB Router (NBG4615 v2), Simultaneous Dual-Band Wireless N750 Media Router (NBG5615), and Simultaneous Dual-Band Wireless N900 Media Router (NBG5715). ZyXEL expects to release firmware updates for these models in mid-June.

“ZyXEL is aware of the vulnerability to KCodes NetUSB on four of ZyXEL routers and assures our customers that the rest of ZyXEL products are not affected. ZyXEL has identified the root cause and a fix to the problem. We are now in the process of rebuilding the NetUSB modules on the affected routers,” ZyXEL said.

Netgear, which calls the vulnerable feature “ReadySHARE,” says it will start releasing firmware versions that address this issue in July. Until updates are available, the company advises customers to take steps to block unauthorized access to their network.

“By default NETGEAR routers are pre-configured with random SSID and passphrase. It is recommended to change the SSID and passphrase, as well as administrator password to the router setup GUI page. You can also block unauthorized device from the NETGEAR Genie App or desktop application by right-clicking on the unauthorized device in the Network Map,” Netgear said.

In its own advisory, D-Link noted that the company does not currently deploy products using the NetUSB driver from KCodes. “All D-Link routers that deploy Shareport Mobile or mydlink Shareport are not affected,” the company said.

However, there are a dozen D-Link router models that use the vulnerable component. The list includes DIR-628, DIR-632, DIR-655, DIR-685, DIR-825, DIR-855, DGL-4500, DAP-1350, and DHP-1320. Firmware updates for these devices are under development, D-Link said.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
