Linksys Router Zero Day

Tuesday, January 15, 2013 @ 05:01 PM gHale

There is a remote root access vulnerability in the default installation of Linksys routers.

DefenseCode researchers contacted Cisco and shared a detailed vulnerability description along with the PoC exploit for the vulnerability. Cisco said they already fixed the vulnerability in the latest firmware release, but that was not the case. The latest Linksys firmware (4.30.14) and all previous versions are still vulnerable.

FBI: Backdoor Free for Hackers
Romanian Domain Firm Hacked
Routers Hacked via Email
DNS Records Hacked

“According to numbers available on the Internet, Cisco Linksys is a very popular router with more than 70,000,000 routers sold,” said Leon Juranic, DefenseCode chief executive. “This creates an immense playground for anyone in possession of a Zero Day exploit.”

Researchers found the vulnerability during a Cisco Linksys product security evaluation for a client and it took the researchers 12 days to develop a fully working exploit. That includes hardware hacking for router debugging, vulnerability analysis, memory analysis and exploit development.

After the researchers posted their findings online, Cisco finally got in touch again. They should release a fix in time for the full advisory, which should be out within 10 days.

Leave a Reply

You must be logged in to post a comment.