To add functionality, many routers now include USB ports. For example, you can attach a removable storage device and use the router as a small NAS for sharing files, or attach a USB printer and share it across the LAN.
What lets the router support USB devices is the KCodes NetUSB module, a Linux kernel module that allows devices on the local network to provide USB-based services over IP. The Linux embedded devices that use this module to implement their USB functions are typically routers.
The vulnerability in question is CVE-2021-45608. It was discovered by security company SentinelLabs on September 9, 2021, and reported to KCodes on October 4. After verification, KCodes confirmed that the vulnerability exists; its CVSS score is as high as 9.8.
The vulnerability is mainly related to a buffer overflow. If it is successfully exploited, an attacker can remotely execute arbitrary code in the kernel, which includes, but is not limited to, installing malware for man-in-the-middle hijacking or monitoring. The CVE-2021-45608 description refers to Netgear routers, but the vulnerability in fact affects millions of routers around the world that have USB ports (Netgear, TP-Link, Tenda, Edimax, D-Link, Western Digital).
KCodes responded responsibly: after receiving the vulnerability report, it released a patch to all vendors on November 19, 2021. Netgear then released updates that fix the vulnerability in some of its routers, but many more routers have no fixed firmware for the time being.