Linksys EA2700 and EA3500 are the two routers running Linksys SMART Wi-Fi firmware that are still affected by a couple of vulnerabilities recently patched in different models of the Belkin-owned networking gear.
On October 31th, the US-CERT issued the Vulnerability Note VU#447516 related to the presence of multiple vulnerabilities in Linksys SMART WiFi firmware.
An attacker could remotely exploit both the vulnerabilities to steal user credentials and access to the router settings.
The exploits for vulnerabilities are publicly available since September, a Turkish hacker published on his website the code to remotely hack the EA3500 and EA6500 models. Linksys EA series routers running the Linksys SMART WiFi firmware are affected by multiple flaw.
The researcher Kyle Lovett reported the vulnerabilities in July and Linksys fixed the flaws bugs on October 23th for the network devices included in the following list:
Linksys is urging his clients to enable automatic updates in the SOHO and consumers models.
“Linksys has an option to have automatic updates, which makes the patches hit far more units than other SOHO models out there,” explained Lovett.
The official advisory released by the US-CERT provided the following descriptions for the vulnerabilities in Linksys SMART WiFi firmware.
CWE-320: Key Management Errors – CVE-2014-8243
An unauthenticated attacker on the local area network (LAN) can read the router’s .htpassword file by requestinghttp(s)://<router_ip>/.htpasswd. The .htpasswd file contains the MD5 hash of the administrator password.
CWE-200: Information Exposure – CVE-2014-8244
A remote, unauthenticated user can issue various JNAP calls by sending specially-crafted HTTP POST requests to http(s)://<router_ip>/JNAP/. Depending on the JNAP action that is called, the attacker may be able to read or modify sensitive information on the router.
It should also be noted that the router exposes multiple ports to the WAN by default. Port 10080 and 52000 both expose the administrative web interface to WAN users. Depending on the model, additional ports may be exposed by default as well.
The CWE-200 is the most critical flaw because an attacker could send specially-crafted HTTP-POST requests to access sensitive data on the routers.
Recently numerous hacking campaigns hit SOHO devices, security experts at Rapid7 recently discovered a security vulnerability in NAT-PMP protocol implementations that puts 1.2 Million SOHO devices at risk.
The exploitation of the flaws could be exploited by bad actors to conduct different malicious activities, most serious and dangerous among them being the ability to redirect traffic to a website controlled by the attackers.
To fix the vulnerabilities in the models included in the list above apply the updates according the instructions provided in the security advisory issued by the US-CERT.
Security Affairs – (SOHO devices, Linksys)
Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…
Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…
The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…
This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…
The Finnish Police attributed the attack against the parliament that occurred in March 2021 to…
This website uses cookies.