Linksys WiFi routers vulnerable to cyber attacks, almost a dozen flaws found

An entire group of bugs was discovered in Linksys smart WiFi routers, and security experts say that these bugs could allow access to any hacker that managed to exploit them. Apparently, more than 7,000 routers have these bugs as a part of the system, and anyone who discovered them could have easily overloaded the device, performed a forced reboot and denied access to users, and not only all of that, but also change restricted settings and leak a lot of user’s information.

IOActive’s cyber security researchers have stated that these flaws could be used by hackers to create an entire botnet network, and could potentially cause harm just like the Mirai DDoS attack did during the last year. These company’s researchers were the ones who informed Linksys of the bugs back in January, and ever since then, these two companies have been working together to deal with the problem.

For now, the problem still remains, but the company claims that the final update will be posted in the coming weeks. Until then, they issued a security advisory with a workaround for the customers with the flawed router.

Tao Sauvage, IOActive’s senior security consultant, was the one who authored the research, along with the independent researcher Antide Petit. The analysis that was conducted by them during the last year managed to reverse-engineer the router’s firmware and tests that included a series of conducted penetrations of the exposed functions were made.

This method unveiled up to 10 vulnerabilities that include both low and high-risk flaws and was present in more than 20 different models. After an initial search, it was calculated that more than 7,000 flawed devices were connected to the internet, and completely exposed for anyone to breach.

The most of the flawed routers were found to be within the USA, and that includes about 69% of devices. The remaining 31% were simply spread across the world, with around 10% in Canada, 1.8% in Hong Kong, 1.5% in Chile, and also 1.4% in the Netherlands. The rest were in spread out through Argentina, Sweden, Russia, Norway, UK, India, China and even Australia.

Sauvage said that “A number of the security flaws we found are associated with authentication, data sanitization, privilege escalation, and information disclosure. Additionally, 11% of the active devices exposed were using default credentials, making them particularly susceptible to an attacker easily authenticating and potentially turning the routers into bots, similar to what happened in last year’s Mirai [botnet] attacks.”

Mirai was known for using the unprotected IoT devices, and that also included webcams and routers. Through them, it conducted a series of DDoS attacks.

Linksys’ application security engineer, Benjamin Samuels, has said that the two companies have been working together since the discovery of the flaws, and are still trying to resolve the problem. He added that the security is a very important problem that has high priority and that only a few steps could help their customers with securing their devices.

Ali Raza
Ali Raza
Ali Raza is a freelance journalist with extensive experience in marketing and management. He holds a master degree and actively writes about crybersecurity, cryptocurrencies, and technology in general. Raza is the co-founder of SpyAdvice.com, too, a site dedicated to educating people on online privacy and spying.

More from author

Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments

Related posts

Advertisment

Latest posts

7 Best Work from Home Apps for Moms

Being a mom is a job in itself. Between taking care of the kids, keeping up with household chores, and trying to squeeze in...

Top 9 Ways Technology is Helping Global Trade

If you are in a global business, utilizing technology is a surefire way of growing your business and increasing your customer base. Today, you...

7 Ways Technology Is Going To Transform Lead Generation

 In the ever-growing world of digital marketing, the ability to generate quality leads remains the most important ROI driver. Both inbound and outbound lead...