Over 25,000 Linksys Smart Wi-Fi routers vulnerable to sensitive information disclosure flaw

guest · May 13, 2019

Over 25,000 Linksys Smart Wi-Fi routers vulnerable to sensitive information disclosure flaw
May 13, 2019
https://badpackets.net/over-25000-l...ble-to-sensitive-information-disclosure-flaw/

Our honeypots frequently detect scans targeting various home automation protocol endpoints. Many of these attacks aim to exploit vulnerable consumer routers. Upon further investigation, we’ve discovered a persistent flaw affecting Linksys Smart Wi-Fi routers that allows unauthenticated remote access to sensitive information.
How many Linksys Smart Wi-Fi routers are vulnerable?
Using data provided by BinaryEdge, our scans have found 25,617 Linksys Smart Wi-Fi routers are currently leaking sensitive information to the public internet, including:
In some cases additional metadata is logged such as device type, model number, and description – as seen in the example below.

Other sensitive information about the router such as the WAN settings, firewall status, firmware update settings, and DDNS settings are also leaked publicly.
Click to expand...

The full list of vulnerable models and firmware versions is available here.
Closing remarks
Due to the sensitive nature of this vulnerability, the IP addresses of the affected Linksys Smart Wi-Fi routers will not be published publicly.

Unfortunately, our typical recommendation of keeping your router’s firmware up-to-date is not applicable in this case as no fix is available. Disabling remote web access as a workaround is not an option because Linksys Smart Wi-Fi routers require it for the Linksys App to function.
Click to expand...

hawki · May 13, 2019

I have now tried three times to inquire about this vulnerability on the Linksys Forums -- My posts were deleted each and every time !!

In view of the following from the link in the OP, I guess I should not be surprised.

"Upon contacting the Linksys security team (security@linksys.com) we were advised to report the vulnerability via this form. After submitting our findings, the reviewing analyst determined the issue was “Not applicable / Won’t fix” and subsequently closed."

https://badpackets.net/over-25000-l...ble-to-sensitive-information-disclosure-flaw/

Outrageous Censorship !!

Linksys Coverup ??

hawki · May 20, 2019

Linksys Security Advisory

"Bad Packets Report (Date: 5/14/2019)

Linksys responded to a vulnerability submission from Bad Packets on May 7th, 2019 regarding a potential sensitive information disclosure flaw: CVE-2014-8244 (which was fixed in 2014). We quickly tested the router models flagged by Bad Packets using the latest publicly available firmware (with default settings) and have not been able to reproduce CVE-2014-8244; meaning that it is not possible for a remote attacker to retrieve sensitive information via this technique. JNAP commands are only accessible to users connected to the router’s local network. We believe that the examples provided by Bad Packets are routers that are either using older versions of firmware or have manually disabled their firewalls. Customers are highly encouraged to update their routers to the latest available firmware and check their router security settings to ensure the firewall is enabled."

https://www.linksys.com/us/support-article?articleNum=246427

itman · May 21, 2019

Bad Packets Twitter site great for info on latest attacks against routers and network devices: https://twitter.com/bad_packets

Log in or Sign up

Over 25,000 Linksys Smart Wi-Fi routers vulnerable to sensitive information disclosure flaw

guest Guest

hawki Registered Member

hawki Registered Member

itman Registered Member

Log in or Sign up

Over 25,000 Linksys Smart Wi-Fi routers vulnerable to sensitive information disclosure flaw

guest Guest

hawki Registered Member

hawki Registered Member

itman Registered Member

Useful Searches