NetUSB vulnerability leaves millions of routers open to attack

May 20, 2015 – 4:48 AM

Millions of routers and other embedded devices are affected by a serious vulnerability that could allow hackers to compromise them.

The vulnerability is located in a service called NetUSB, which lets devices connected over USB to a computer be shared with other machines on a local network or the Internet. The shared devices can be printers, webcams, thumb drives, external hard disks and more.

NetUSB is implemented in Linux-based embedded systems, such as routers, as a kernel driver. The driver is developed by Taiwan-based KCodes Technology. Once enabled, it opens a server that listens on TCP port 20005 for connecting clients.

Security researchers from a company called Sec Consult found that if a connecting computer has a name longer than 64 characters, a stack buffer overflow is triggered in the NetUSB service. If exploited, this kind of vulnerability can result in remote code execution or denial of service.

Since the NetUSB service code runs in kernel mode, attackers who exploit the flaw could gain the ability to execute malicious code on the affected devices with the highest possible privilege, the Sec Consult researchers said in a blog post Tuesday.

Many vendors integrate NetUSB into their products, but have different names for it. For example, Netgear calls the feature ReadySHARE, while others simply call it print sharing or USB share port.


You must be logged in to post a comment.