Netgear and ZyXEL confirm NetUSB flaw, are working on fixes

Networking device manufacturers ZyXEL Communications and Netgear have confirmed that some of their routers are affected by a recently disclosed vulnerability in a USB device-sharing service called NetUSB.

ZyXEL will begin issuing firmware updates in June, while Netgear plans to start releasing patches in the third quarter of the year.

The vulnerability, tracked as CVE-2015-3036, is located in a Linux kernel module called NetUSB that’s commonly used in routers and other embedded devices. The module is developed by a Taiwan-based company called KCodes Technology and allows routers to share USB devices with other computers via the Internet Protocol (IP).

To read this article in full or to leave a comment, please click here