Author Topic: CVE-2021-45608 (NetUSB RCE flaw)  (Read 556 times)

0 Members and 1 Guest are viewing this topic.

Offline madires

  • Super Contributor
  • ***
  • Posts: 7043
  • Country: de
  • A qualified hobbyist ;)
CVE-2021-45608 (NetUSB RCE flaw)
« on: January 17, 2022, 10:07:05 am »
CVE-2021-45608 | NetUSB RCE Flaw in Millions of End User Routers (https://www.sentinelone.com/labs/cve-2021-45608-netusb-rce-flaw-in-millions-of-end-user-routers/)

In most cases it should possible to add firewall rules to prevent access from the WAN (block TCP port 20005).
 

Online SiliconWizard

  • Super Contributor
  • ***
  • Posts: 11160
  • Country: fr
Re: CVE-2021-45608 (NetUSB RCE flaw)
« Reply #1 on: January 17, 2022, 06:05:13 pm »
Looked at the code - as expected, mind-boggingly careless. And it's basically down to "input validation" not handled appropriately, one of my pet peeves in software.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf

 



Advertise on the EEVblog Forum