Serious Vulnerabilities Found on 25 Linksys Router Models
It looks like Linksys just a hit a major bump in the road. On Friday, a group of security experts from IOActive revealed a total of 10 major vulnerabilities in the firmware of 25 models of Linksys routers. Out of the ten vulnerabilities, six of them can be exploited remotely by any user without authentication. These ten Linksys vulnerabilities allow hackers to perform a wide range of attacks against these routers. These vulnerabilities can also obtain information about the kernel and version, and are able to execute code in the memory of vulnerable routers with route permissions, that could result in new malware.
“Two of the security issues we identified allow unauthenticated attackers to create a Denial-of-Service (DoS) condition on the router,” IOActive researcher Tao Sauvage wrote in a blog post. “By sending a few requests or abusing a specific API, the router becomes unresponsive and even reboots. The Admin is then unable to access the web admin interface and users are unable to connect until the attacker stops the DoS attack.”
Sauvage said that “11 percent of the active devices exposed were using default credentials, making them particularly susceptible to an attacker easily authenticating and potentially turning the routers into bots, similar to what happened in last year’s Mirai Denial of Service (DoS) attacks.”
The routers affected by these vulnerabilities are the EA2700, EA3500, EA4500v3, EA6200, EA6200, EA6300, EA6350v2, EA6350v3, EA6400, EA6500, EA6700, EA6900, EA7300, EA7400, EA7500, EA8300, EA8500, EA9200, EA9400, EA9500 , WRT1200AC, WRT1900AC, WRT1900ACS, and WRT3200ACM.
The company is currently working on a fix for the vulnerabilities and has recommended that owners change the default password for their administrator account.
We’ll keep you updated with any new updates from Linksys as they come. Until then, keep checking Solutions Review’s Wireless Network page for more.