According to an advisory published by the KoreLogic firm the Linksys EA6100-6300 wireless routers are vulnerable to attacks due to flawed CGI scripts.
Once again IoT devices are in the headlines, once again SOHO routers are affected by a security vulnerability that opens users to cyber attacks. According to the KoreLogic firm, the flawed devices are the Linksys EA6100-6300 wireless routers, the company has published an advisory reporting that security issues affect the CGI scripts in the admin interface opening the device to remote attacks.
“Multiple CGI scripts in the web-based administrative interface of the Linksys EA6100 – EA6300 Wireless Router allow unauthenticated access to the high-level administrative functions of the device.” the advisory says
“This vulnerability can be leveraged by an unauthenticated attacker to obtain the router’s administrative password and subsequently arbitrarily configure the device.”
Many of the CGI scripts in the admin interface provide an attacker with unauthenticated access to the device allowing him to get the router’s admin password.
“Other CGI files that are accessible from an unauthenticated perspective can be used to configure settings for the affected device. This led to the development of an exploit to abuse these vulnerabilities.” the advisory continues.
The flawed scripts include the bootloader, sysinfo.cgi, ezwifi_cfg.cgi, qos_info.cgi and others.
The company the security issued to Linksys, but it still waiting for a reply, the Linksys EA6100-6300 wireless routers are consumer products, this means that once the security update will be available end-users will have to apply it. Unfortunately in many cases end-users fail to apply the patches and end users remain open to cyber attacks.
Matt Bergin of KoreLogic also published a proof-of-concept code provided with the advisory. The PoC includes the code for testing the Linksys EA6100-6300 wireless routers to see if they still use the factory admin password.
Waiting for a fix let me suggest to disable the remote admin access to your Linksys EA6100-6300 wireless router.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.