Saturday, November 15, 2014

Linksys Wi-Fi Home Router security Issues

Linksys EA Router have a security issue, if have  EA series routers running the Linksys SMART WiFi firmware it contain multiple vulnerabilities,

CWE-320: Key Management Errors - CVE-2014-8243

An remote, unauthenticated attacker can read the router's .htpassword file by requesting http(s)://<router_ip>/.htpasswd. The .htpasswd file contains the MD5 hash of the administrator password.


CWE-200: Information Exposure - CVE-2014-8244
A remote, unauthenticated attacker can issue various JNAP calls by sending specially-crafted HTTP POST requests to http(s)://<router_ip>/JNAP/. Depending on the JNAP action that is called, the attacker may be able to read or modify sensitive information on the router.
It should also be noted that the router exposes multiple ports to the WAN by default. Port 10080 and 52000 both expose the administrative web interface to WAN users. Depending on the model, additional ports may be exposed by default as well.

Impact

A remote, unauthenticated attacker may be able to read or modify sensitive information on the router

FIX go to the Linksys site and download updated firmware files

Reposted form the US-CERT Site