Linksys Smart Wi-Fi Vulnerabilities

by CIRT Team

24 Apr 2017

in Security Advisories & Alerts

No Comments

2332

Description: Cyber security researchers from IOActive said in an advisory that after reverse engineering, the router firmware they identified total of 10 security vulnerabilities, ranging from low-to-high risk issues, six of which can be exploited remotely by unauthenticated attackers.

Impact: Because of these vulnerabilities, it allows unauthenticated attackers to create a Denial-of-Service (DoS) condition on the router. Attackers can also bypass the authentication protecting the CGI scripts to collect technical and sensitive information about the router, such as the firmware version and Linux kernel version, the list of running processes, the list of connected USB devices, or the WPS pin for the Wi-Fi connection. Authenticated attackers can inject and execute commands on the operating system of the router with root privileges.

Linksys has provided a list of all affected models:

EA2700
EA2750
EA3500
EA4500v3
EA6100
EA6200
EA6300
EA6350v2
EA6350v3
EA6400
EA6500
EA6700
EA6900
EA7300
EA7400
EA7500
EA8300
EA8500
EA9200
EA9400
EA9500
WRT1200AC
WRT1900AC
WRT1900ACS
WRT3200ACM

Mitigation: As per Linksys Security Advisory (linksys.com), they are working for new firmware update for all affected devices, by this time, they also advice below :

Enable Automatic Updates. Linksys Smart Wi-Fi devices include a feature to automatically Update the firmware when new versions are available. (Reference)
Disable Wi-Fi Guest Network if not in use. (Reference)
Change the default Administrator password. (Reference)

Reference URL’s: