Not-so-smart Routers From Linksys

It wouldn’t be bad if they admitted they had a problem and fixed it. Linksys Smart Wi-Fi Routers Leak Info of Connected Devices.

The vulnerability let’s bad guys “remote and unauthenticated access to a vast array of sensitive device information.” But the programmers are not interested in fixing the problem.

However, as Bad Packets’ security researcher Troy Mursch discovered, although that flaw was supposedly fixed about five years ago, the vulnerability is still there. To make things even worse, as Mursch says, the Linksys security team tagged his vulnerability report as “Not applicable / Won’t fix” and closed the issue.

Here’s link directly to the list of impacted routers.

And that doesn’t include the list of thousands of routers that are deployed using the default admin username and password. Because if you put something on the public internet with no security, you deserve to be hacked.

Advertisements