Table of Contents
  • Home
  • /
  • Blog
  • /
  • How To Fix CVE-2021-45608- A RCE Vulnerability In NetUSB Affect Millions Of Routers?
January 13, 2022

How To Fix CVE-2021-45608- A RCE Vulnerability In NetUSB Affect Millions Of Routers?

How To Fix Cve 2021 45608 A Rce Vulnerability In Netusb Affect Millions Of Routers

Security researchers from Sentinel Labs disclosed a high severity remote code execution vulnerability in the NetUSB module. The flaw tracked as CVE-2021-45608 is a buffer overflow vulnerability that allows attackers to execute code remotely on the millions of routers that run the NetUSB module. Since all well-known router manufacturers use KCodes’s NetUSB component as a major form factor to add USB-based services on their routers, securing your router to protect your internet communication is critical. So, let’s see How to Fix CVE-2021-45608- A RCE Vulnerability in NetUSB Affect Millions of Routers.

What Is NetUSB?

USB Over IP (KCodes)

NetUSB is a USB over IP solution developed by Kcodes. It allows USB devices a network communication functionality through USB ports on the routers. Router manufacturers use this module in their routers to provide an additional feature to their customers. NetUSB enables a router to connect USB devices connected to its USB port to other devices in the network. For example, A NetUSB enabled router will allow you to access the hard drive remotely through the USB port of the router. Similarly, a NetUSB enabled router will allow you to interact with your USB printer sitting remotely.

Router Modules Affected With CVE-2021-45608:

It is hard to list out the products affected by the CVE-2021-45608 vulnerability since all well-known router manufacturers use this component in their routers.

  • Netgear

  • TP-Link

  • Tenda

  • EDiMAX

  • DLink

  • Western Digital

Summary Of CVE-2021-45608 (A RCE Vulnerability In NetUSB Affect Millions Of Routers):

Associated CVE IDCVE-2021-45608
DescriptionA RCE Vulnerability in NetUSB
Associated ZDI IDNA
CVSS Score9.8 Critical
Impact Score5.9
Exploitability Score3.9
Attack Vector (AV)Network
Attack Complexity (AC)Low
Privilege Required (PR)None
User Interaction (UI)None
Confidentiality (C)High
Integrity (I)High
availability (a)High

How To Fix CVE-2021-45608- A RCE Vulnerability In NetUSB Affect Millions Of Routers?

Since the flaw lice in the third party component, nothing is done from the users’ end. The best way to fix the CVE-2021-45608 vulnerability is a firmware update. You should need to explore the new updates released by your vendor and update them as soon as you can.

Time needed: 10 minutes.

How To Fix CVE-2021-45608, A Pre-Authentication Buffer Overflow Vulnerability?
You can fix the
CVE-2021-45608 vulnerability by upgrading the firmware of your product to the latest version.
Netgear has released
firmware updates for a few of its models. Follow these steps to update your firmware of the Netgear router. We always recommend contacting the vendor for clear information.
There was another
buffer overflow vulnerability disclosed in November 2021. The same procedure will fix the CVE-2021-34991 vulnerability. It is always a best practice to keep your router’s firmware up to date to protect your internet communication.

  1. Visit the Netgear Support site


  1. Search your product in the search box

    As soon as you start typing your model number in the search box, you will see your model in the drop-down menu. Select your model as soon as it appears.

  1. Download the firmware

    Click on the download button to download the firmware for your model.Under Current Versions, select the first download whose title begins with Firmware Version.

  1. Install the firmware

    Follow the instructions to install the firmware version. Please refer to the installation guide of your product for further assistance.
    Note: Click on the
    Documents button to download the installation guide and other documentation about the product.

We hope this post would help you in knowing how to fix CVE-2021-45608- A RCE Vulnerability in NetUSB Affect Millions of Routers. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this.

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Application Security

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.



View All

Learn Something New with Free Email subscription