A simple but shockingly dangerous vulnerability has been uncovered in the NetUSB component. Millions of modern routers and other embedded devices across the globe at risk of being compromised by hackers. The security vulnerability, assigned CVE-2015-3036, is a remotely exploitable kernel stack buffer overflow flaw. Hackers could run an attack to either crash the device running the kernel module or compromise a router to install malware and spyware on its owners. As NetUSB service code runs in kernel mode, hackers within the local network can easily exploit this vulnerability.
Source: https://thehackernews.com/2015/05/netusb-router-hacking.html