Unfortunately, a pair of researchers from IOActive recently discovered a total of ten different security vulnerabilities that impact the company’s popular EA3500 router, and more than two dozen other models as well, including models from the company’s Smart Wi-Fi, Wireless-AC and WRT series.
The common theme here is that all of the impacted routers have web-based admin interfaces.
Not all of the security flaws that were found are critical, but the critical ones are pretty devastating. One of them allows unauthenticated users to launch DOS (Denial of Service) attacks.
Another allows attackers to bypass the normal authentication process and access scripts, which in turn can reveal sensitive information about the router and its configuration, including giving the hacker your WPS PIN, which will allow them back in any time they want. Once inside, they can, of course, launch attacks on any device connected to your network.
Still another can be used to get the router’s firmware version and a complete list of all devices connected to your network, including USB-connected peripherals, which would allow them to make better decisions about where to attack you.
The worst of the security flaws, however, allow the hackers to inject malicious code into your network with root privileges. This could, among other things, allow them to set up a shadow admin account in your network that is completely invisible to you. Obviously, with this account in place and active, there’s no limit to the amount of damage a hacker could do.
The official word from Linksys is that they are currently working on fixes for all of these issues, but thus far, no ETA has been announced.