Thousands of Linksys Routers Found to be Leaking Information
More than 25,000 Linksys Smart Wi-Fi routers are leaking information to the internet, including the MAC address of every device that has ever connected to it (full historical record), device name and operating system. Other information about the router, such as the WAN settings, firewall status, firmware update settings, and DDNS settings are also leaked publicly.
If a device's name includes the full name of the owner, attackers can determine their identity and geolocate them via the Linksys Smart Wi-Fi router's public IP address. Services such as WiGLE allow users to obtain the exact geographical coordinates of a WiFi network - based on its MAC address or SSID - and an attacker can query the target Linksys Smart Wi-Fi router, get it’s MAC address, and immediately geolocate it.
Other Home Network Administration Protocol's are vulnerable and an attacker can work out which routers have not changed the default password without even attempting to login to the device. Admin access to a router allows attackers to, among other things, obtain the SSID and Wi-Fi password in plaintext, change the DNS settings to use a rogue DNS server to hijack web traffic and create an OpenVPN account to route malicious traffic through the router.
Thirty two models of Linksys Smart Wi-Fi routers are vulnerable, with a global total numbering over 25,000 in 146 countries and on the network of nearly 2,000 ISPs.
See the full findings at Bad Packets Report