Skip to main content

Researchers find 10 vulnerabilities in 25 network routers supplied by Linksys

Linksys Max-Stream EA8300 review
Kevin Parrish/Digital Trends
After we pointed out a security issue with the web-based interface in our recent Linksys EA8300 router review, IOActive Labs reports it discovered 10 security vulnerabilities across 25 different Linksys routers, including the EA8300 unit we just reviewed. The issues range from low to high on a security level, six of which grant remote access to “unauthenticated” attackers.

In one example, hackers can use an affected router as a Denial-of-Service (DoS) tool. The hacker merely sends a few requests or “abuse” a specific API used by the browser-based backend. The router will then either become unresponsive or will reboot altogether. When that happens, router owners are locked out of the web-based interface and connected client devices can’t access the internet until the hacker stops the DoS attack.

Firmware flaws also enable hackers to collect “technical and sensitive” information about the router itself by bypassing the authentication protecting the onboard Common Gateway Interface (CGI) scripts, which enables the router to generate the browser-based interface. Information collected through this vulnerability include the firmware version, a list of connected USB devices, the firewall configuration, and more.

“Authenticated attackers can inject and execute commands on the operating system of the router with root privileges,” reports IOActive’s Taeo Sauvage. “One possible action for the attacker is to create backdoor accounts and gain persistent access to the router. Backdoor accounts would not be shown on the web admin interface and could not be removed using the Admin account.”

Sauvage and his co-researcher used the Shodan tool to discover that only around 7,000 vulnerable Linksys routers accessed the internet at the time of the report. However, that number does not include vulnerable routers that are running behind another network appliance or governed by strict firewall rules. That is also a global number spanning 25 different models, too.

That said, the majority of the vulnerable routers resides within the United States at 69 percent. Canada falls into second place with 10 percent while Hong Kong, Chile, Netherlands, Venezuela, Argentina, and Russia are each around one to two percent. The remaining 13 percent of the affected units fall within the “others” group.

What is not surprising is that around 11 percent of these devices rely on the default credentials provided by Belkin/Linksys, opening the door for hackers to simply log into the router and get full root access remotely. Most if not all of the affected routers are linked to a cloud account.

Belkin/Linksys is working on a firmware fix now. They provide a security advisory regarding the discovery although you will not find it splashed on the front cover of the Linksys website. It is also not openly listed on the website’s Support section. The only way we found the advisory was through a Google search, or by clicking on the link within Sauvage’s report.

Here are the routers in question:

EAxxxx Series

EA2700 EA2750 EA3500 EA4500 v3 EA6100
EA6200 EA6300 EA6350 v2 EA6350 v3 EA6400
EA6500 EA6700 EA6900 EA7300 EA7400
EA7500 EA8300 EA8500 EA9200 EA9400

WRT Series

WRT 1200AC WRT 1900AC WRT 1900ACS WRT 3200ACM

Editors' Recommendations

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Linksys debuts a blazing-fast router and its very first modem/router combo
linksys ea8300 router ac2200 band steering

Linksys  on Wednesday introduced two new networking products: the EA9300 Wireless AC router and its very first cable modem/router combo, the CG7500. The former EA9300 stand-alone router is a tri-band solution, meaning it broadcasts two 5GHz connections and one 2.4GHz connection. The CG7500 combo unit only offers two connections and serves as a replacement for your ISP’s supplied modem.

According to Linksys, the stand-alone router is capable of speeds of up to 750Mbps on the 2.4GHz band and up to 1,625Mbps on each 5GHz band. However, to see those maximum speeds, the connecting wireless devices must include three internal antennas to capture the three streams broadcast by the router.

Read more
Linksys Velop mesh gets bridge mode, routers score new parental controls
Linksys Velop review

When you really need to get something done, then losing your internet connection can be a real drag. Router manufacturers keep looking for ways to keep us connected, from pumping out routers with more powerful radios to creating new mesh technologies that use intelligence instead.

Linksys has its Velop mesh network solution and "App Enabled" routers (formerly called Smart Wi-Fi Routers) that are aimed at both covering spaces with solid wireless connectivity and offering new features as technology progresses. The company is addressing both objectives with its latest updates, due on Tuesday.

Read more
Linksys’ new tri-band router supports wireless device in-home ‘roaming’
linksys ea8300 router ac2200 band steering

On Wednesday, Belkin-owned Linksys introduced a new Wireless AC router for homes and offices relying on multiple “roaming” mobile devices, the EA8300. It’s a tri-band solution in that it’s packed with one 2.4GHz access point and two 5GHz access points. It’s also backed by beamforming and MU-MIMO technology promising superior connectivity and speed performance.

For starters, the new EA8300 router includes the company’s band steering technology. This essentially pairs the two 5GHz bands together into one access point. That doesn’t mean users will see speeds of up to 1,733Mbps, but instead this feature is designed for mobile devices roaming throughout the home or office. As the device moves across physical space, the router will determine which of the two 5GHz bands has the best connection, and will bounce the device between the two accordingly. This is called load balancing.

Read more