‘Millions’ of routers open to absurdly outdated NetUSB hijack

Darren Pauli reports:

SEC Consult Vulnerability Lab Stefan Viehbock says potentially millions of routers and internet of things devices using KCodes NetUSB could be exposed to remote hijacking or denial of service attacks.

The packet fondler says the vulnerability (CVE-2015-3036) hits the Linux kernel module in scores of popular routers which serves to provide network access over TCP port 20005 to USB devices plugged into routers such as printers and external hard drives.

Read more on The Register.

About the author: Dissent