GALAX GeForce RTX 4070 Ti EX White review
Cougar Terminator gaming chair review
G.Skill TridentZ5 RGB DDR5 7200 CL34 2x16 GB review
ASUS TUF Gaming B760-PLUS WIFI D4 review
Netac NV7000 2 TB NVMe SSD Review
ASUS GeForce RTX 4080 Noctua OC Edition review
MSI Clutch GM51 Wireless mouse review
ASUS ROG STRIX B760-F Gaming WIFI review
Asus ROG Harpe Ace Aim Lab Edition mouse review
SteelSeries Arctis Nova Pro Headset review
Linksys-routers Vulnerable due to multiple cgi-scripts
Linksys routers ranging from model EA6100 up-to EA6300 are Vulnerable and exploitable due to multiple cgi-scripts. The scripts can be used by an unauthorized attacker, which can get them access to the master password of the device.
Linksys' EA6100-6300 wireless routers will need a patch reports the register: KoreLogic has published an advisory saying that CGI scripts in the admin interface open the device up to remote attackers. Since it's a consumer product the risk is high that most of the devices out there never would be patched. The bad scripts include the bootloader, sysinfo.cgi, ezwifi_cfg.cgi, qos_info.cgi and others.
The disclosure is attributed to Matt Bergin of KoreLogic. His proof-of-concept code provided with the advisory includes testing the target device to see if its admin password remains set to default. At the time of writing, Linksys has not published a fix, so it's at the very least recommended to shut down remote admin access to any devices you're in contact with.
lucidus
Senior Member
Posts: 11835
Joined: 2011-12-31
Senior Member
Posts: 11835
Joined: 2011-12-31
#5203270 Posted on: 12/08/2015 07:07 PM
Ugh .. I really should replace mine with an Asus or TP-link.
Ugh .. I really should replace mine with an Asus or TP-link.
nexxusting
Senior Member
Posts: 191
Joined: 2015-08-21
Senior Member
Posts: 191
Joined: 2015-08-21
#5203364 Posted on: 12/08/2015 11:45 PM
Pfsense ftw.
Pfsense ftw.
dirtm
Junior Member
Posts: 7
Joined: 2015-08-04
Junior Member
Posts: 7
Joined: 2015-08-04
#5203546 Posted on: 12/09/2015 02:42 PM
My decision to stay away from Linksys for a while after the 2012 Cisco Connect Cloud saga has been well founded, knew these guys needed to learn a few things before they could be trusted again.
My decision to stay away from Linksys for a while after the 2012 Cisco Connect Cloud saga has been well founded, knew these guys needed to learn a few things before they could be trusted again.
Corrupt^
Senior Member
Posts: 7186
Joined: 2005-12-02
Senior Member
Posts: 7186
Joined: 2005-12-02
#5203585 Posted on: 12/09/2015 04:48 PM
If you can, do so. Just moved, I'm on my 2nd ASUS router running DD-WRT. Gave my parents the old one considering I put some scripts and what not in place to clear old stuff and reboot once a week.
Ugh .. I really should replace mine with an Asus or TP-link.
If you can, do so. Just moved, I'm on my 2nd ASUS router running DD-WRT. Gave my parents the old one considering I put some scripts and what not in place to clear old stuff and reboot once a week.
Click here to post a comment for this news story on the message forum.
Unregistered
EA-6300V1?? that's also same as EA6400 is also affected?