cve/CVE-2021-45608.md at 4c761d11aab685b40e53e87637378a029d1bbbad

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00

0xMarcio 8654f5abb7 Update CVE sources 2024-08-11 18:44

2024-08-11 18:44:53 +00:00

Description

Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface (TCP port 20005) cannot be ruled out; however, exploitability was judged to be of "rather significant complexity" but not "impossible." The overflow is in SoftwareBus_dispatchNormalEPMsgOut in the KCodes NetUSB kernel module. Affected NETGEAR devices are D7800 before 1.0.1.68, R6400v2 before 1.0.4.122, and R6700v3 before 1.0.4.122.

POC

Reference

https://www.sentinelone.com/labs/cve-2021-45608-netusb-rce-flaw-in-millions-of-end-user-routers/

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/kdn111/linux-kernel-exploitation
https://github.com/khanhdn111/linux-kernel-exploitation
https://github.com/khanhdz-06/linux-kernel-exploitation
https://github.com/khanhdz191/linux-kernel-exploitation
https://github.com/khanhhdz/linux-kernel-exploitation
https://github.com/khanhhdz06/linux-kernel-exploitation
https://github.com/khanhnd123/linux-kernel-exploitation
https://github.com/knd06/linux-kernel-exploitation
https://github.com/ndk06/linux-kernel-exploitation
https://github.com/ndk191/linux-kernel-exploitation
https://github.com/ssr-111/linux-kernel-exploitation
https://github.com/wkhnh06/linux-kernel-exploitation
https://github.com/xairy/linux-kernel-exploitation

1.7 KiB Raw Blame History

CVE-2021-45608

Description

POC

Reference

Github

1.7 KiB

Raw Blame History