According to web application security testing specialists, over 25k Linksys Smart WiFi routers are impacted by a vulnerability that, if exploited, would allow hackers remote access without authentication to extensive critical resources on compromised devices.
Experts comment that this incident is similar
to a security flaw in the firmware of these devices emerged in 2014 (vulnerability
tracked as CVE-2014-8244); exploiting this flaw allowed hackers to obtain
confidential information and modify data through a JNAP action in a JNAP/HTTP
request.
Web application security testing experts
reported that the Linksys security team labeled this security flaw in the “Not
apply/Will not be fixed” category, so finishing the security incident.
Now, specialists found 25 617 Linksys routers
exposing sensitive information such as:
- Device
name - MAC
address of each device - Operating
system - WAN
settings, firewall status, firmware upgrade settings, and DDNS settings - Additional
metadata (device type, model number and a brief description)
It is possible to access these leaks by opening
the login interface of the Linksys Smart WiFi router in any web browser and
then clicking on the JNAP requests in the left sidebar, the web application
security testing specialists mentioned. Access to this information does not
require any kind of authentication, so any user without expertise can access
these leaks.
Threat actors exploiting vulnerability can
perform some malicious activities such as:
- Get
SSID and WiFi
password in plain text - Change
DNS settings to use malicious DNS server and hijack router traffic - Use
UPnP to redirect outgoing traffic to hacker-controlled devices - Disable
the user’s Internet connection or modify some other settings for malicious
purposes
However, not everything is lost; consider
experts from the International Institute of Cyber Security (IICS). According to
the reports, almost 15k of the vulnerable devices had the function of automatic
firmware updates enabled, so they will be protected if the company decides to
correct the vulnerability.
