Linksys routers vulnerable to attacks
2017-04-21 00:01 by Daniela
IOActive, a Seattle-based security company, found 10 vulnerabilities in more than 20 Linksys router models.
The routers are vulnerable to attacks that allow a third party to reboot or lock out affected devices and extract sensitive router data from them. Among the affected models are some of the latest Linksys Smart Wi-Fi Router brands, specifically the EA and WRT series.
During its investigation, IOActive identified 7,000 of the vulnerable routers in use. But it said more than 100,000 additional routers vulnerable to the flaws could also be in use.
"The 7,000 devices we mentioned represent only the devices we found, and not the devices that are actually running. Linksys has not provided any specific estimate so we can only guess how many there are. We wouldn't be surprised if there was tens or hundreds of thousands impacted, based on the popularity of Linksys routers and based on how many models are affected," said Tao Sauvage, a security consultant with IOActive Labs.
The flaws range in severity. Especially vulnerable are routers that have their web-based administrative interfaces exposed to the internet. Some of the admin interface flaws allow unauthenticated users to access several CGI scripts on the routers, revealing sensitive information about the devices and their configuration; others allow for denial of service attacks by using specifically crafted requests. These vulnerabilities can also be used to obtain information about the router's configuration settings and connected devices. The most severe vulnerability could allow attackers to execute shell commands with root privileges on the affected routers, which could potentially be used to set up a backdoor administrative account.
Currently, there is no fix for the flaws, so disabling external access to the web admin interface is highly recommended. Linksys is aware of the issues.