There are currently no known active attacks, but attackers could insert malicious code into routers– Inject and execute models. you can do that
Routers at risk: These manufacturers are affected
Referring to SentinalOne, Heise reports that the vulnerability is in the NetUSB kernel module from the manufacturer KCodes (CVE-2021-45608). NetUSB is there so that you can use USB devices connected to the router from end devices in the LAN.
The following manufacturers license the KCodes-NetUSB module:
- D link
- EDiMAX
- Netgear
- tenda
- TP link
- Western Digital
So if you have a router from one of the manufacturers, your device could also be affected by the vulnerability.
What can happen?
Attackers could use the vulnerability to gain access to a router and execute malicious code there. Also, they could take over the system and steal and encrypt your data.
There is help here
NETGEAR has already provided updated firmware fixes for 19 routers that you should install as soon as possible. You can find out what these are on the official website. TP-Link has also developed and released firmware fixes for the NetUSB protocol vulnerability.
D-Link writes, for example: “When researching the source code of our product line, we identified the older model DIR-685 as affected.” The manufacturer reveals what you can do here.
Sources: heise, Netgear, TP-Link, D-Link