Vulnerabilities in routers are nothing new, but when researchers find a major vulnerability capable of compromising millions of connected devices, that turns heads.
Such is the case today as a group of security researchers published proof-of-concept code that indicates a major vulnerability that can be used to deliver denial-of-service attacks and even run code remotely, according to the research firm SEC Consult Vulnerability Lab, which conducted the study. The firm says it has identified 26 vendors whose products were likely affected by the router flaw.
The vulnerable driver is a Linux kernel called NetUSB, developed by a Taiwanese firm called KCodes. It’s used to allow USB devices such as printers, external hard drives and flash drives to be connected to a network via the router. Just to confuse the issue, the driver operates under different names depending on the manufacturer. For example, Netgear calls it ReadySHARE.
What’s troubling, according to Adrian Kingsley-Hughes at ZDNet, is that “The researchers attempted to contact KCodes with regards to the vulnerability back in February of this year, but only got back ‘a few nonsensical responses’ before being ignored.”
The exploit is delivered when a pseudo-client device sends a computer name to the device that is longer than 64 characters.
The researchers said devices from TP-LINK, Netgear, IOGear, Western Digital, and ZyXEL are among those affected. For a full list of devices that are possibly affected by this vulnerability, check out the advisory. Only TP-LINK has released fixes, with ZyXEL, Netgear and D-Link saying that patches are in the pipeline.