DeepCool LS720 (LCS) review
Fractal Design Pop Air RGB Black TG review
Palit GeForce GTX 1630 4GB Dual review
FSP Dagger Pro (850W PSU) review
Razer Leviathan V2 gaming soundbar review
Guru3D NVMe Thermal Test - the heatsink vs. performance
EnGenius ECW220S 2x2 Cloud Access Point review
Alphacool Eisbaer Aurora HPE 360 LCS cooler review
Noctua NH-D12L CPU Cooler Review
Silicon Power XPOWER XS70 1TB NVMe SSD Review
Linksys-routers Vulnerable due to multiple cgi-scripts
Linksys routers ranging from model EA6100 up-to EA6300 are Vulnerable and exploitable due to multiple cgi-scripts. The scripts can be used by an unauthorized attacker, which can get them access to the master password of the device.
Linksys' EA6100-6300 wireless routers will need a patch reports the register: KoreLogic has published an advisory saying that CGI scripts in the admin interface open the device up to remote attackers. Since it's a consumer product the risk is high that most of the devices out there never would be patched. The bad scripts include the bootloader, sysinfo.cgi, ezwifi_cfg.cgi, qos_info.cgi and others.
The disclosure is attributed to Matt Bergin of KoreLogic. His proof-of-concept code provided with the advisory includes testing the target device to see if its admin password remains set to default. At the time of writing, Linksys has not published a fix, so it's at the very least recommended to shut down remote admin access to any devices you're in contact with.
lucidus
Senior Member
Posts: 11835
Joined: 2011-12-31
Senior Member
Posts: 11835
Joined: 2011-12-31
#5203270 Posted on: 12/08/2015 07:07 PM
Ugh .. I really should replace mine with an Asus or TP-link.
Ugh .. I really should replace mine with an Asus or TP-link.
nexxusting
Senior Member
Posts: 191
Joined: 2015-08-21
Senior Member
Posts: 191
Joined: 2015-08-21
#5203364 Posted on: 12/08/2015 11:45 PM
Pfsense ftw.
Pfsense ftw.
dirtm
Junior Member
Posts: 7
Joined: 2015-08-04
Junior Member
Posts: 7
Joined: 2015-08-04
#5203546 Posted on: 12/09/2015 02:42 PM
My decision to stay away from Linksys for a while after the 2012 Cisco Connect Cloud saga has been well founded, knew these guys needed to learn a few things before they could be trusted again.
My decision to stay away from Linksys for a while after the 2012 Cisco Connect Cloud saga has been well founded, knew these guys needed to learn a few things before they could be trusted again.
Corrupt^
Senior Member
Posts: 7115
Joined: 2005-12-02
Senior Member
Posts: 7115
Joined: 2005-12-02
#5203585 Posted on: 12/09/2015 04:48 PM
If you can, do so. Just moved, I'm on my 2nd ASUS router running DD-WRT. Gave my parents the old one considering I put some scripts and what not in place to clear old stuff and reboot once a week.
Ugh .. I really should replace mine with an Asus or TP-link.
If you can, do so. Just moved, I'm on my 2nd ASUS router running DD-WRT. Gave my parents the old one considering I put some scripts and what not in place to clear old stuff and reboot once a week.
Click here to post a comment for this news story on the message forum.
Unregistered
EA-6300V1?? that's also same as EA6400 is also affected?