Author Topic: CVE-2021-45608 (NetUSB RCE flaw)  (Read 854 times)

0 Members and 1 Guest are viewing this topic.

Offline madiresTopic starter

  • Super Contributor
  • ***
  • Posts: 8140
  • Country: de
  • A qualified hobbyist ;)
CVE-2021-45608 (NetUSB RCE flaw)
« on: January 17, 2022, 10:07:05 am »
CVE-2021-45608 | NetUSB RCE Flaw in Millions of End User Routers (https://www.sentinelone.com/labs/cve-2021-45608-netusb-rce-flaw-in-millions-of-end-user-routers/)

In most cases it should possible to add firewall rules to prevent access from the WAN (block TCP port 20005).
 

Online SiliconWizard

  • Super Contributor
  • ***
  • Posts: 15315
  • Country: fr
Re: CVE-2021-45608 (NetUSB RCE flaw)
« Reply #1 on: January 17, 2022, 06:05:13 pm »
Looked at the code - as expected, mind-boggingly careless. And it's basically down to "input validation" not handled appropriately, one of my pet peeves in software.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf