ALLNET GmbH Unknown

Notified:  April 15, 2015 Updated: April 15, 2015

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor References

    Ambir Technologies Not Affected

    Notified:  April 10, 2015 Updated: May 21, 2015

    Statement Date:   May 21, 2015

    Status

    Not Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    According to an Ambir representative, "We have no products that use the Kcodes technology or products nor do we resell Kcodes products."

    Asante Unknown

    Notified:  April 15, 2015 Updated: April 15, 2015

    Status

    Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor References

      Cisco Unknown

      Notified:  April 29, 2015 Updated: April 29, 2015

      Status

      Unknown

      Vendor Statement

      No statement is currently available from the vendor regarding this vulnerability.

      Vendor References

        Digitus Unknown

        Notified:  April 15, 2015 Updated: April 15, 2015

        Status

        Unknown

        Vendor Statement

        No statement is currently available from the vendor regarding this vulnerability.

        Vendor References

          D-Link Systems, Inc. Affected

          Notified:  April 10, 2015 Updated: May 22, 2015

          Statement Date:   May 21, 2015

          Status

          Affected

          Vendor Statement

          No statement is currently available from the vendor regarding this vulnerability.

          Vendor Information

          Several models are affected, included DIR-685 Rev. A1. An updated firmware is expected out by the end of May 2015 or sooner. For full list of affected models, please see the vendor advisory at the link below. The current shipping product-line which deploys Shareport Mobile or mydlink Shareport are not affected by this vulnerability.

          Vendor References

          Edimax Computer Company Unknown

          Notified:  April 10, 2015 Updated: April 10, 2015

          Status

          Unknown

          Vendor Statement

          No statement is currently available from the vendor regarding this vulnerability.

          Vendor References

            Encore Electronics Unknown

            Notified:  April 10, 2015 Updated: April 10, 2015

            Status

            Unknown

            Vendor Statement

            No statement is currently available from the vendor regarding this vulnerability.

            Vendor References

              IOGEAR Unknown

              Notified:  April 15, 2015 Updated: April 15, 2015

              Status

              Unknown

              Vendor Statement

              No statement is currently available from the vendor regarding this vulnerability.

              Vendor References

                KCodes Affected

                Notified:  April 06, 2015 Updated: April 08, 2015

                Status

                Affected

                Vendor Statement

                No statement is currently available from the vendor regarding this vulnerability.

                Vendor Information

                We are not aware of further vendor information regarding this vulnerability.

                LevelOne Unknown

                Notified:  April 10, 2015 Updated: April 10, 2015

                Status

                Unknown

                Vendor Statement

                No statement is currently available from the vendor regarding this vulnerability.

                Vendor References

                  Linksys Unknown

                  Notified:  April 29, 2015 Updated: April 29, 2015

                  Status

                  Unknown

                  Vendor Statement

                  No statement is currently available from the vendor regarding this vulnerability.

                  Vendor References

                    Longshine Networking Unknown

                    Notified:  April 10, 2015 Updated: April 10, 2015

                    Status

                    Unknown

                    Vendor Statement

                    No statement is currently available from the vendor regarding this vulnerability.

                    Vendor References

                      Netgear, Inc. Affected

                      Notified:  April 10, 2015 Updated: June 05, 2015

                      Status

                      Affected

                      Vendor Statement

                      No statement is currently available from the vendor regarding this vulnerability.

                      Vendor Information

                      Netgear calls the USB-over-IP feature "ReadySHARE" (http://www.netgear.com/readyshare). For more details, see Netgear's advisory at the URL below. The reporter has also identified the latest firmware for NETGEAR WNDR4500 as being affected. Others models may also be vulnerable.

                      Vendor References

                      Peplink Not Affected

                      Updated:  June 01, 2015

                      Statement Date:   June 01, 2015

                      Status

                      Not Affected

                      Vendor Statement

                      "Peplink has verified and confirmed that none of our devices make use of KCodes NetUSB, therefore we are unaffected by this vulnerability."

                      Vendor Information

                      We are not aware of further vendor information regarding this vulnerability.

                      Vendor References

                      PROLiNK Fida Intl Unknown

                      Notified:  April 10, 2015 Updated: April 10, 2015

                      Status

                      Unknown

                      Vendor Statement

                      No statement is currently available from the vendor regarding this vulnerability.

                      Vendor References

                        TP-LINK Affected

                        Notified:  April 10, 2015 Updated: May 18, 2015

                        Status

                        Affected

                        Vendor Statement

                        No statement is currently available from the vendor regarding this vulnerability.

                        Vendor Information

                        The vendor is in the process of releasing updated firmware addressing this vulnerability. Below is a list of affected devices, sent by the vendor to the reporter; CERT/CC has not been able to confirm this list directly with the vendor: DSL Modem Routers (Model Number) Hardware Version Release Date Archer VR200v V1.0 Already released TD-W8970 V3.0 Already released TD-W9980 V1.0 Already released Archer D2 V1.0 Before 2015/05/22 Archer D5 V1.0 Before 2015/05/25 Archer D7 V1.0 Before 2015/05/25 Archer D9 V1.0 Before 2015/05/25 TD-W8968 V3.0 Before 2015/05/25 TD-W8980 V3.0 Before 2015/05/25 TD-W8968 V1.0 Before 2015/05/30 TD-W8968 V2.0 Before 2015/05/30 TD-VG3631 V1.0 Before 2015/05/30 TD-W8970 V1.0 Before 2015/05/30 TD-W8970B V1.0 Before 2015/05/30 TD-W8980B V1.0 Before 2015/05/30 TD-W9980B V1.0 Before 2015/05/30 Archer D7B V1.0 Before 2015/05/31 TD-VG3631 V1.0 Before 2015/05/31 TX-VG1530(GPON) V1.0 Before 2015/05/31 TD-VG3511 V1.0 End-Of-Life Wireless Routers (Model Number) Hardware Version Release Date Archer C20 V1.0 Not affected Archer C7 V2.0 Already released Archer C2 V1.0 Before 2015/05/22 Archer C5 V1.2 Before 2015/05/22 Archer C9 V1.0 Before 2015/05/22 TL-WR3500 V1.0 Before 2015/05/22 TL-WR3600 V1.0 Before 2015/05/22 TL-WR4300 V1.0 Before 2015/05/22 Archer C20i V1.0 Before 2015/05/25 Archer C5 V2.0 Before 2015/05/30 Archer C7 V1.0 Before 2015/05/30 Archer C8 V1.0 Before 2015/05/30 TL-WR842ND V2.0 Before 2015/05/30 TL-WR1043ND V2.0 Before 2015/05/30 TL-WR1043ND V3.0 Before 2015/05/30 TL-WR1045ND V2.0 Before 2015/05/30 TL-WR842ND V1.0 End-Of-Life TD-W1042ND V1.0 End-Of-Life TD-W1043ND V1.0 End-Of-Life TD-WDR4900 V1.0 End-Of-Life The exact release date may change due to some unexpected incidents.

                        TRENDnet Affected

                        Notified:  April 10, 2015 Updated: May 27, 2015

                        Statement Date:   May 27, 2015

                        Status

                        Affected

                        Vendor Statement

                        No statement is currently available from the vendor regarding this vulnerability.

                        Vendor Information

                        Several TRENDnet models are affected, please see the security advisory below.

                        Vendor References

                        Western Digital Technologies Unknown

                        Notified:  April 10, 2015 Updated: April 10, 2015

                        Status

                        Unknown

                        Vendor Statement

                        No statement is currently available from the vendor regarding this vulnerability.

                        Vendor References

                          ZyXEL Affected

                          Notified:  April 10, 2015 Updated: May 22, 2015

                          Status

                          Affected

                          Vendor Statement

                          No statement is currently available from the vendor regarding this vulnerability.

                          Vendor Information

                          Updates are expected in June. List of models affected currently unavailable.

                          View all 20 vendors View less vendors