News

Thousands of Linksys Routers Found to be Leaking Information

Giulio Saggin
Giulio Saggin
Tuesday, 28 November 2023

More than 25,000 Linksys Smart Wi-Fi routers are leaking information to the internet, including the MAC address of every device that has ever connected to it (full historical record), device name and operating system. Other information about the router, such as the WAN settings, firewall status, firmware update settings, and DDNS settings are also leaked publicly.

If a device's name includes the full name of the owner, attackers can determine their identity and geolocate them via the Linksys Smart Wi-Fi router's public IP address. Services such as WiGLE allow users to obtain the exact geographical coordinates of a WiFi network - based on its MAC address or SSID - and an attacker can query the target Linksys Smart Wi-Fi router, get it’s MAC address, and immediately geolocate it.

Other Home Network Administration Protocol's are vulnerable and an attacker can work out which routers have not changed the default password without even attempting to login to the device. Admin access to a router allows attackers to, among other things, obtain the SSID and Wi-Fi password in plaintext, change the DNS settings to use a rogue DNS server to hijack web traffic and create an OpenVPN account to route malicious traffic through the router.

Thirty two models of Linksys Smart Wi-Fi routers are vulnerable, with a global total numbering over 25,000 in 146 countries and on the network of nearly 2,000 ISPs.

See the full findings at Bad Packets Report

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203