Over 25,000 Linksys routers at risk, but just update the firmware
The attacker can access the MAC addresses of devices connected to the router, as well as devices connected in the past. Just update the firmware to solve the problem.
The security researcher Troy Mursch of Bad Packets Report identified last week a flaw in several models of Linksys routers that if exploited allows an attacker to come into possession of relevant information related to devices connected to the router.
Linksys, acquired in 2013 by Belkin, in turn acquired by Foxonn in 2018, denies the problem. The Linksys staff states that they have not been able to replicate what was identified and illustrated by Mursch: ” We tested the router models reported by Bad Packets using the latest publicly available firmware and with default settings, and we were not able to to replicate the problem.
This means that it is not possible for a remote attacker to recover sensitive information using this technique. ” Linksys also states that the flaw was repaired in 2014.
he researcher disagrees: ” Although this flaw was apparently resolved, our investigations show a different picture. After contacting the Linksys security team, we had the request to share the vulnerability. After submitting the findings, the reviewing analyst determined that the problem was not applicable, and the practice was closed “.
Mursch states that the routers affected by the problem can make a series of information accessible to hackers and criminals, including the MAC address of any connected device and all the devices connected to the device in the past, the names of the connected devices and the type of connected device (PC, Mac, Android iOS). This is information that if properly combined, and together with the router’s public IP address, can also lead to the user’s geolocation.
Mursch initially identified, via a network scan, over 25 thousand routers affected by the problem. However, the number seems to be decreasing: another analysis conducted a few days later after the announcement of the discovery has detected just over 21 thousand vulnerable devices, a sign that the firmware update actually resolves the flaws present and that the vulnerable devices are probably never updated since 2014.