Published: 21/05/2015 Updated: 08/12/2016
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote malicious users to execute arbitrary code by providing a long computer name in a session on TCP port 20005.

Vulnerability Trend

Affected Products

Vendor Product Versions


#!/usr/bin/env python # Source: haxxin/blasty-vs-netusbpy # # CVE-2015-3036 - NetUSB Remote Code Execution exploit (Linux/MIPS) # =========================================================================== # This is a weaponized exploit for the NetUSB kernel vulnerability # discovered by SEC Consult Vulnerability Lab [1] # # I don't li ...
#!/usr/bin/env python # -*- coding: utf-8 -*- # Exploit Title: NetUSB Kernel Stack Buffer Overflow # Date: 9/10/15 # Exploit Author: Adrian Ruiz Bermudo # Vendor Homepage: wwwkcodescom/ # Version: Multiple: wwwsec-consultcom/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10txt # ...

Mailing Lists

NetUSB stack buffer overflow denial of service exploit ...

Github Repositories

Exploit KCodes NetUSB | Kernel Stack Buffer Overflow | Denial of Service (DoS) Exploit para explotar la vulnerabilidad CVE-2015-3036 Found by: Stefan Viehböck (Office Vienna) | SEC Consult Vulnerability Lab | wwwsec-consultcom Exploit author: Adrián Ruiz Bermudo | @funsecurity | wwwfunsecuritynet Advisory: wwwsec-consultcom/fxdata/secco

TD-W8970-NetUSB-Fix-v1- Fix NetUSB Bug for TD-W8970 v1 - Firmware Version: 060 214 v000c0 Build 150619 Rel50856n A serious vulnerability affecting the NetUSB kernel driver developed by Taiwan-based tech company KCodes exposes millions of routers to hack attack Researchers at SEC Consult discovered that the NetUSB driver is plagued by a kernel stack buffer overflow vulnera

MiraiSecurity Mirai wwwcdxyme/?p=746 wwwfreebufcom/articles/network/119403html pastebincom/svH8tvd9 wwwfreebufcom/sectool/130091html wwwtuicoolcom/articles/qM7rMnb h4ckth4tsh1tcom/indexphp?u=/topic/18/ggsetup-a-mirai-botnet githubcom/rootblack45/Mirai-Source-Modded githubcom/Screamfox/-Mirai-Iot-BotNet

Recent Articles

'Millions' of routers open to absurdly outdated NetUSB hijack
The Register • Darren Pauli • 20 May 2015

Vulnerability may allow ne'er-do-wells to access the 1990s

SEC Consult Vulnerability Lab Stefan Viehböck says potentially millions of routers and internet of things devices using KCodes NetUSB could be exposed to remote hijacking or denial of service attacks.
The packet fondler says the vulnerability (CVE-2015-3036) hits the Linux kernel module in scores of popular routers which serves to provide network access over TCP port 20005 to USB devices plugged into routers such as printers and external hard drives.
Viehböck says the vulnerability...

Details Surface on Unpatched KCodes NetUSB Bug
Threatpost • Michael Mimoso • 19 May 2015

The Department of Homeland Security-sponsored CERT at Carnegie Mellon University today issued an alert warning of a serious vulnerability in KCode NetUSB, which is integrated into products sold by a number of networking vendors.
KCodes NetUSB is a Linux kernel module that enables several users on a local network to share USB-based services over IP.
The vulnerability, reported by Stefan Viehbock of SEC Consult Vulnerability Lab, must be patched via new firmware. To date, SEC Consult s...