Slashdot Mirror

← Back to Stories (view on slashdot.org)

Remote Linksys 0-Day Root Exploit Uncovered

Posted by samzenpus on from the protect-ya-neck dept.

Orome1 writes "DefenseCode researchers have uncovered a remote root access vulnerability in the default installation of Linksys routers. They contacted Cisco and shared a detailed vulnerability description along with the PoC exploit for the vulnerability. Cisco claimed that the vulnerability was already fixed in the latest firmware release, which turned out to be incorrect. The latest Linksys firmware (4.30.14) and all previous versions are still vulnerable."

3 of 133 comments (clear)

  1. WRT54GL by markdavis · · Score: 5, Informative

    Yes, you would think the summary would at LEAST say *WHICH* router it affects, since Linksys has lots of different models. It is the WRT54GL.

    I *love* that router and have probably 30 of them. Low power draw, real antenna, wall mountable, etc. My recommendation- install Toastman Tomato on it. They never crash, freeze, freak out, not work with certain devices, etc. Rock solid stuff.

    Strangely, the WRT54GL is STILL BEING SOLD!

    1. Re:WRT54GL by VValdo · · Score: 5, Informative

      I agree it's bad form not to put the router models in the summary. But from the press release...

      Exploit shown in this video has been tested on Cisco Linksys WRT54GL, but other Linksys versions/models are probably also affected.

      (emphasis mine)

      Incidentally, re: the GL model of the Linksys-- the "L" I'm pretty sure stands for Linux, and was the model that was in response to everyone reinstalling dd-wrt and other firmware...

      --
      -------------------
      This is my SIG. There are many like it, but this one is mine.
  2. Public Service Announcement by Raystonn · · Score: 5, Informative

    Unless you have remote administration enabled, this exploit is only achievable from a system within the local network. This attack is not an internet threat.