Owners of a number of Linksys small office/home office routers were urged last week to update their device’s firmware in order to patch two vulnerabilities: one could allow a remote, unauthenticated attacker to read or modify sensitive information on the router, and the other could allow a local attacker to read the device’s password file.
Unfortunately, owners of Linksys router models EA2700 and EA3500 can’t do it, as a security update has not yet been made available.
The latter are in greater danger as, according to Threatpost, PoC exploits for the vulnerabilities in the EA3500 and EA6500 models were made available on a Turkish hacker site in September.
“It should also be noted that the router exposes multiple ports to the WAN by default. Port 10080 and 52000 both expose the administrative web interface to WAN users. Depending on the model, additional ports may be exposed by default as well,” CERT’s advisory pointed out.
Both vulnerabilities were discovered by researcher Kyle Lovett, who responsibly disclosed them to Linksys in July.
Since Linksys provides the option for firmware updates to be delivered and installed automatically on these devices, users are advised to enable it.