10 Vulnerabilities Discovered in over 20 Linksys Smart WiFi Routers Potentially Allowing DoS Attack

Forum Moderators: open

Message Too Old, No Replies

10 Vulnerabilities Discovered in over 20 Linksys Smart WiFi Routers Potentially Allowing DoS Attack

tangor

6:28 am on Apr 21, 2017 (gmt 0)

Multiple models of Linksys Smart Wi-Fi Routers have vulnerabilities that might be exploited to create a botnet, security researchers at IOActive warn.

The flaws could be abused to overload a router and force a reboot, deny user access, leak sensitive information about the router and connected devices, or change restricted settings. Many of the active devices exposed were using default credentials, making them particularly susceptible to takeover.

Ten separate security issues (ranging from moderate to critical) make more than 20 models of Linksys Smart Wi-Fi Routers susceptible to attack. An initial search identified over 7,000 vulnerable devices exposed on the internet at the time of the scan.

[theregister.co.uk...]

Heads up.... a common enough piece which some of us might have....

keyplyr

8:39 am on Apr 21, 2017 (gmt 0)

There's been a couple reports over the last few years about router vulnerabilities. One estimate I read said over 20% of compromised hardware used to drone malicious activity was infected routers.

Considering routers usually do not have anti-virus software, alerts or warnings that computers have, it's understandable.

One of the ways routers can get infected is through mobile phones running on the router's WiFi then installing infected apps.

engine

5:15 pm on Apr 21, 2017 (gmt 0)

Linksys have issued a security advisory with a temporary fix while it says it's working on a a firmware update on all affected devices.

[linksys.com...]

Affected devices are:-
WRT Series
WRT1200AC
WRT1900AC
WRT1900ACS
WRT3200ACM

EAxxxx Series
EA2700
EA2750
EA3500
EA4500 v3
EA6100
EA6200
EA6300
EA6350 v2
EA6350 v3
EA6400
EA6500
EA6700
EA6900
EA7300
EA7400
EA7500
EA8300
EA8500
EA9200
EA9400
EA9500

Robert Charlton

10:18 pm on Apr 21, 2017 (gmt 0)

One of the ways routers can get infected is through mobile phones running on the router's WiFi then installing infected apps.

keyplyr, I would appreciate clarification on this, as I'm routinely running some mobile devices through my router's WiFi. Does this happen only when you choose to install an app that's infected... or will simply running through the router's WiFi in and of itself allow infection?

keyplyr

10:46 pm on Apr 21, 2017 (gmt 0)

The app would need to be infected and of course programmed to target the router.

Apps from the Google Play store and the Apple store have been vetted and are (usually) safe, but not the apps from 3rd party download sites.

Lookout (both the free & the paid version) scans all downloads for malware/viruses including any installed app. IMO a must for any smartphone today.