Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
DeepCool LS720 (LCS) review
Fractal Design Pop Air RGB Black TG review
Palit GeForce GTX 1630 4GB Dual review
FSP Dagger Pro (850W PSU) review
Razer Leviathan V2 gaming soundbar review
Guru3D NVMe Thermal Test - the heatsink vs. performance
EnGenius ECW220S 2x2 Cloud Access Point review
Alphacool Eisbaer Aurora HPE 360 LCS cooler review
Noctua NH-D12L CPU Cooler Review
Silicon Power XPOWER XS70 1TB NVMe SSD Review

New Downloads
Prime95 download version 30.9 build 1
Intel ARC graphics Driver Download Version: 30.0.101.1743
AMD Radeon Software Adrenalin 22.6.1 WHQL driver download
GeForce 516.59 WHQL driver download
Media Player Classic - Home Cinema v1.9.22 Download
AMD Chipset Drivers Download v4.06.10.651
CrystalDiskInfo 8.17 Download
AMD Radeon Software Adrenalin 22.6.1 Windows 7 driver download
ReShade download v5.2.2
HWiNFO Download v7.26


New Forum Topics
Review: DeepCool LS720 (LCS) Sharkoon Launches PureWriter RGB White NVIDIA GeForce 516.59 WHQL driver download & Discussion JIUSHARK Side-flow M.2 SSD cooler with 60mm fan cools up-to 50% In collaboration with Alphacool, ELSA releases RTX 3090 Liquid Cooled WD Gold 1TB in RAID does speed transfer decrease ? Ubisoft is cutting off online gameplay for 15 games, players will no longer have access to purchased DLC AMD Radeon Software Adrenalin 22.6.1 - Driver download and discussion EK Launches PCIe 4.0 GPU Vertical Bracket Can you measure if a CPU was used before?




Guru3D.com » News » Linksys-routers Vulnerable due to multiple cgi-scripts

Linksys-routers Vulnerable due to multiple cgi-scripts

by Hilbert Hagedoorn on: 12/08/2015 04:27 PM | source: | 6 comment(s)
Linksys-routers Vulnerable due to multiple cgi-scripts

Linksys routers ranging from model EA6100 up-to EA6300 are Vulnerable and exploitable due to multiple cgi-scripts. The scripts can be used by an unauthorized attacker, which can get them access to the master password of the device.

Linksys' EA6100-6300 wireless routers will need a patch reports the register: KoreLogic has published an advisory saying that CGI scripts in the admin interface open the device up to remote attackers. Since it's a consumer product the risk is high that most of the devices out there never would be patched. The bad scripts include the bootloader, sysinfo.cgi, ezwifi_cfg.cgi, qos_info.cgi and others.

The disclosure is attributed to Matt Bergin of KoreLogic. His proof-of-concept code provided with the advisory includes testing the target device to see if its admin password remains set to default. At the time of writing, Linksys has not published a fix, so it's at the very least recommended to shut down remote admin access to any devices you're in contact with.



Linksys-routers Vulnerable due to multiple cgi-scripts Linksys-routers Vulnerable due to multiple cgi-scripts




« Radeon Technology Group - Tech update December 2015 · Linksys-routers Vulnerable due to multiple cgi-scripts · MSI Afterburner 4.2.0 Updated »

2 pages 1 2


Ferrum Master
Unregistered



#5203266 Posted on: 12/08/2015 06:55 PM
EA-6300V1?? that's also same as EA6400 is also affected?

lucidus
Senior Member



Posts: 11835
Joined: 2011-12-31

#5203270 Posted on: 12/08/2015 07:07 PM
Ugh .. I really should replace mine with an Asus or TP-link.

nexxusting
Senior Member



Posts: 191
Joined: 2015-08-21

#5203364 Posted on: 12/08/2015 11:45 PM
Pfsense ftw.

dirtm
Junior Member



Posts: 7
Joined: 2015-08-04

#5203546 Posted on: 12/09/2015 02:42 PM
My decision to stay away from Linksys for a while after the 2012 Cisco Connect Cloud saga has been well founded, knew these guys needed to learn a few things before they could be trusted again.

Corrupt^
Senior Member



Posts: 7115
Joined: 2005-12-02

#5203585 Posted on: 12/09/2015 04:48 PM
Ugh .. I really should replace mine with an Asus or TP-link.


If you can, do so. Just moved, I'm on my 2nd ASUS router running DD-WRT. Gave my parents the old one considering I put some scripts and what not in place to clear old stuff and reboot once a week.

2 pages 1 2


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2022