Security researchers have found that a number of Linksys Smart Wi-Fi routers contain vulnerabilities that could be exploited to form part of a botnet. Cybersecurity consultancy IOActive discovered that these flaws – ten separate issues across twenty models – could allow hackers to take over the device and change its credentials, deny user access, or leak information. During an initial scan, IO Active found there to be more than 7,000 vulnerable routers online at the time.
“A number of the security flaws we found are associated with authentication, data sanitisation, privilege escalation, and information disclosure,” Tao Sauvage, senior security consultant at IOActive, said (via The Register). “Additionally, 11 per cent of the active devices exposed were using default credentials, making them particularly susceptible to an attacker easily authenticating and potentially turning the routers into bots, similar to what happened in last year’s Mirai Denial of Service (DoS) attacks.”
The following Linksys routers have been found to contain these known vulnerabilities:
WRT Series
WRT1200AC
WRT1900AC
WRT1900ACS
WRT3200ACMEAxxxx Series
EA2700
EA2750
EA3500
EA4500 v3
EA6100
EA6200
EA6300
EA6350 v2
EA6350 v3
EA6400
EA6500
EA6700
EA6900
EA7300
EA7400
EA7500
EA8300
EA8500
EA9200
EA9400
EA9500
While a fix is coming soon, in the meantime Linksys recommends disabling guest networks.
“Working together with IOActive, we’ve been able to efficiently put a plan together to address the issues identified and proactively communicate recommendations for keeping customer devices and data secure,” Benjamin Samuels, an application security engineer at Belkin (Linksys Division), said. “Security is a high priority and by taking a few simple steps, customers can ensure their devices are more secure while we address the findings.”
“Linksys was recently notified of some vulnerabilities in our Linksys Smart Wi-Fi series of routers,” Samuels added. “As we work towards publishing firmware updates, as a temporary fix, we recommend that customers using Guest Networks on any of the affected products below temporarily disable this feature to avoid any attempts at malicious activity.”
As the latest addition to the Core V Series, the new Thermaltake Core V21 is…
The TOUGHAIR 110 is a single tower, 114mm tall top-flow designed single fan CPU cooler…
【Ultra 100H Playtime & Fast Charging】 Rebocico bluetooth headphones could get at least 100 hours…
WORN BY CHAMPIONS - Faker, Rain, and James Baldwin wear the Arctis Nova Pro Wireless…
Easy and cute white does well with casual gaming vibes The gain knob and tap-to-mute…
Connectivity: Logitech G435 is the first headset with LIGHTSPEED wireless and low latency Bluetooth connectivity,…