Once again IoT devices are in the headlines, once again SOHO routers are affected by a security vulnerability that opens users to cyber attacks. According to the KoreLogic firm, the flawed devices are the Linksys EA6100-6300 wireless routers, the company has published an advisory reporting that security issues affect the CGI scripts in the admin interface opening the device to remote attacks.
“Multiple CGI scripts in the web-based administrative interface of the Linksys EA6100 – EA6300 Wireless Router allow unauthenticated access to the high-level administrative functions of the device.” the advisory says
“This vulnerability can be leveraged by an unauthenticated attacker to obtain the router’s administrative password and subsequently arbitrarily configure the device.”
Many of the CGI scripts in the admin interface provide an attacker with unauthenticated access to the device allowing him to get the router’s admin password.
“Other CGI files that are accessible from an unauthenticated perspective can be used to configure settings for the affected device. This led to the development of an exploit to abuse these vulnerabilities.” the advisory continues.
The flawed scripts include the bootloader, sysinfo.cgi, ezwifi_cfg.cgi, qos_info.cgi and others.
The company the security issued to Linksys, but it still waiting for a reply, the Linksys EA6100-6300 wireless routers are consumer products, this means that once the security update will be available end-users will have to apply it. Unfortunately in many cases end-users fail to apply the patches and end users remain open to cyber attacks.
Matt Bergin of KoreLogic also published a proof-of-concept code provided with the advisory. The PoC includes the code for testing the Linksys EA6100-6300 wireless routers to see if they still use the factory admin password.
Waiting for a fix let me suggest to disable the remote admin access to your Linksys EA6100-6300 wireless router.
(Security Affairs – Linksys EA6100-6300 wireless routers, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.