Industry News

Cisco-Powered Linksys Routers Vulnerable to Remote Ownage

A serious flaw in the Linksys routers could allow an attacker to seize root privileges on the device, according to a blog post by pen-tester specialist DefenseCode.

As shown in a video, successful exploitation of a Cisco Linksys WRT54GL model gives the attacker root access on the locally installed Linux-based firmware. DefenseCode claims the vulnerability resides in the latest Linksys firmware (4.30.14), but older versions are also vulnerable.

“Months ago, we’ve contacted Cisco about a remote preauth (root access) vulnerability in default installation of their Linksys routers that we’ve discovered,” the team wrote. “They said that this vulnerability was already fixed in latest firmware release…Well, not this particular vulnerability, since the latest official Linksys firmware – 4.30.14, and all previous versions are still vulnerable.”

Once logged into the router with root provileges, an attacker can do nearly anything, including snoop on network traffic as it passes from LAN to WAN, discover the network topology or, even more, change the DNS settings to redirect websites that the user trusts to phishing pages.

At the moment, DefenseCode estimates more than 70,000,000 routers are in circulation, routers that can be attacked and transformed into zombies. Moreover, as Cisco did not respond to the bug report yet, the full proof of concept will be fully disclosed, allowing nearly anyone to take these routers for “a spin.”

To avoid trouble, block access to your WAN interface from the Internet. For more details about securing the router and your local network, check the guide on securing the wireless network.

About the author


A blend of teacher and technical journalist with a pinch of e-threat analysis, Loredana Botezatu writes mostly about malware and spam. She believes that most errors happen between the keyboard and the chair. Loredana has been writing about the IT world and e-security for well over five years and has made a personal goal out of educating computer users about the ins and outs of the cybercrime ecosystem.

1 Comment

Click here to post a comment
  • You may also want to just toss the Linksys firmware which is the root of the bug and go open source like discussed here: