CVE-2019-5016
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. A specially crafted index value can cause an invalid memory read, resulting in a denial of service or remote information disclosure. An unauthenticated attacker can send a crafted packet on the local network to trigger this vulnerability.
Se presenta una vulnerabilidad explotable de lectura de memoria arbitraria en el módulo de kernel NetUSB.ko de KCodes, que habilita la funcionalidad de impresora ReadySHARE de al menos dos routers Nighthawk de NETGEAR y posiblemente otros proveedores y productos. Un valor de índice especialmente creado puede causar una lectura de memoria no válida, resultando en una denegación de servicio o divulgación de información remota. Un atacante no autenticado puede enviar un paquete creado en la red local para activar esta vulnerabilidad.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-04 CVE Reserved
- 2019-06-17 CVE Published
- 2023-07-27 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/108820 | Broken Link | |
| https://talosintelligence.com/vulnerability_reports/TALOS-2019-0775 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Netgear Search vendor "Netgear" | R8000 Firmware Search vendor "Netgear" for product "R8000 Firmware" | 1.0.4.28_10.1.54 Search vendor "Netgear" for product "R8000 Firmware" and version "1.0.4.28_10.1.54" | - |
Affected
| in | Netgear Search vendor "Netgear" | R8000 Search vendor "Netgear" for product "R8000" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | R7900 Firmware Search vendor "Netgear" for product "R7900 Firmware" | 1.0.3.810.037 Search vendor "Netgear" for product "R7900 Firmware" and version "1.0.3.810.037" | - |
Affected
| in | Netgear Search vendor "Netgear" | R7900 Search vendor "Netgear" for product "R7900" | - | - |
Safe
|
| Kcodes Search vendor "Kcodes" | Netusb.ko Search vendor "Kcodes" for product "Netusb.ko" | 1.0.2.66 Search vendor "Kcodes" for product "Netusb.ko" and version "1.0.2.66" | - |
Affected
| ||||||
| Kcodes Search vendor "Kcodes" | Netusb.ko Search vendor "Kcodes" for product "Netusb.ko" | 1.0.2.69 Search vendor "Kcodes" for product "Netusb.ko" and version "1.0.2.69" | - |
Affected
| ||||||