Remote Linksys 0-Day Root Exploit Uncovered

Orome1 writes "DefenseCode researchers have uncovered a remote root access vulnerability in the default installation of Linksys routers. They contacted Cisco and shared a detailed vulnerability description along with the PoC exploit for the vulnerability. Cisco claimed that the vulnerability was already fixed in the latest firmware release, which turned out to be incorrect. The latest Linksys firmware (4.30.14) and all previous versions are still vulnerable."

Zero day?

[arth1]

What's zero-day about this exploit?
It was found during testing, and there are no exploits in the wild.

As such it fails BOTH tests for being a zero day exploit:
- The company must not know the details of the exploit
- It must be in the wild

Stop using the phrase "zero day" about just any exploitable bug. Call them security vulnerabilities, which is what they are.

Re:Zero day?

In fact I bet 95% of affected routers have the default web interface password anyway.

Yes, with the user/pass as admin/password or admin/admin! :-0

Re:WRT54GL

[NatasRevol]

Anyone running stock on a WRT54GL deserves to be hacked.

That's one of the dumber arguments I've ever seen on Slashdot.

Re:WRT54GL

[Barryke]

The market for WRT54GL is there because of people buying it to put their own firmware on.

Re:WRT54GL

You say DDWRT, I say Tomato.

Re:WRT54GL

[dutchwhizzman]

You are forgetting that a lot of people bought it because "the guy that knows computers" said it was "the best model", never understanding why and how to take advantage of the added value of the GL over the budget model. The amount of home computer equipment that gets bought on recommendation of either the sales guy, the neighbour kid or the relative that works in IT is staggeringly high. Those people will most likely still be running stock firmware, probably a relic version at that.