Fractal Design Pop Air RGB Black TG review
Palit GeForce GTX 1630 4GB Dual review
FSP Dagger Pro (850W PSU) review
Razer Leviathan V2 gaming soundbar review
Guru3D NVMe Thermal Test - the heatsink vs. performance
EnGenius ECW220S 2x2 Cloud Access Point review
Alphacool Eisbaer Aurora HPE 360 LCS cooler review
Noctua NH-D12L CPU Cooler Review
Silicon Power XPOWER XS70 1TB NVMe SSD Review
Hyte Y60 chassis review
Linksys-routers Vulnerable due to multiple cgi-scripts
Linksys routers ranging from model EA6100 up-to EA6300 are Vulnerable and exploitable due to multiple cgi-scripts. The scripts can be used by an unauthorized attacker, which can get them access to the master password of the device.
Linksys' EA6100-6300 wireless routers will need a patch reports the register: KoreLogic has published an advisory saying that CGI scripts in the admin interface open the device up to remote attackers. Since it's a consumer product the risk is high that most of the devices out there never would be patched. The bad scripts include the bootloader, sysinfo.cgi, ezwifi_cfg.cgi, qos_info.cgi and others.
The disclosure is attributed to Matt Bergin of KoreLogic. His proof-of-concept code provided with the advisory includes testing the target device to see if its admin password remains set to default. At the time of writing, Linksys has not published a fix, so it's at the very least recommended to shut down remote admin access to any devices you're in contact with.
Click here to post a comment for this news story on the message forum.
Senior Member
Posts: 1329
Joined: 2004-07-10
Not sure if I can really recommend TP-Link. Bought one last year; dual band model, worked fine for about 3 months and then it just went dead. Wasted $70. Switched to Linksys and has not caused any major issues for well over a year now. Although it does drop the connection every now and then but doesn't happen often. Compared to a Netgear one I had, that one was garbage.