Security flaw in over 25,000 Linksys routers exposes sensitive information

• The flaw affects Linksys Smart Wi-Fi routers and can allow unauthenticated remote access to sensitive information.
• The exposed sensitive information can include the connected device’s name, MAC address, and the operating system.

More than 25,000 Linksys Smart Wi-Fi routers have been discovered to leak sensitive information, thanks to a security flaw. Security researcher Troy Mursch of Bad Packets LLC, came across the flaw when the company’s honeypot software scanned the vulnerable devices. It was found that the routers permitted unauthenticated remote access to sensitive information.

How could it be exploited?

• In his blog, Troy Mursch tells that the flaw, identified as CVE-2014-8244, could be exploited by fetching details of JNAP protocol present in the device, from a browser. This was done by entering the Smart Wi-Fi router’s public IP address in the browser and then accessing the developer console.
• The researcher also highlighted that the leak could be perpetrated by sending a request to a specific JNAP endpoint, which he mentions in the blog.

How many devices were vulnerable?

• The scans by the honeypot software revealed that 25,617 Linksys Smart Wi-Fi routers leaked sensitive information.
• This mainly included MAC addresses, names, and operating systems of the devices connected to these routers.
• Sensitive information of the routers was also exposed. This included WAN settings, Firewall status, firmware update settings, and DDNS settings.

Other vulnerabilities

Mursch also emphasized that attackers could bank on default passwords existing in most of these smart routers. “Our scans have found thousands of routers are still using the default password and are vulnerable to immediate takeover – if they aren’t already compromised,” he said.

Among the 25,617 vulnerable routers detected, nearly half of them (11,834) were located in the US.