Over 25,000 Linksys routers leak data

More than 25,000 of the Linksys Smart Wi-Fi smart routers contain a vulnerability that provides the ability to remotely access important information.

In total, 25,617 vulnerable devices were identified in 146 countries around the world, “merging” information about MAC addresses, device names, operating system type, firewall status, firmware update settings (in some cases WAN settings), and DDNS configuration. As Marsh noted, the device can only be tracked by its MAC address, and if the owner of the router specifies its name in the device name, attackers can identify it and potentially locate it at the public IP address.

“Although geolocation by IP address is not accurate, using services like WiGLE, any person can get the geographical coordinates of a Wi-Fi network only on the basis of a MAC address or SSID. An attacker could attack the Linksys Smart Wi-Fi router, extract its MAC address and determine its location, ”the expert explained. Access to the data can be obtained through the public IP address of the router, opening the developer panel, without requiring any authorization.

Vulnerability (CVE-2014-8244) in the Linksys firmware, supplied as part of a number of products, has existed since 2014.

The list of vulnerable models is presented below.