Researcher Tao Sauvage from IOActive recently released his results on the work he was doing with Linksys routers. And what he found was a bit shocking. During his investigation he was able to uncover 10 vulnerabilities, 6 of the 10 are able to be remotely exploited.
The vulnerabilities run a pretty wide gambit, ranging from DoS attacks on the router via an API exploit, to accessing detailed sensitive network information, to RCE (remote code execution) on the routers OS, to creating backdoor accounts on the router with persistent access. All of which are serious issues.
I think we all understand the risks of allowing malicious players on your private network with root access.
“We are working to provide a firmware update for all affected devices.” – Linksys Advisory
The list of affected devices is pretty long and seems to be most of Linksys’ newest routers with the Smart WiFi feature. According to Linksys’ official support page, they’re working on the issue, but in the meantime, they’d like everyone to disable the Guest Network, and enable Automatic Updates. Oh and PLEASE, as always, change the default admin login and password.
Please follow the link to Linksys’ Security Advisory to find out if your router is on the list.