Some are really bad stuff:Linksys SMART WiFi vulnerabilitiesOverviewLinksys EA series routers running the Linksys SMART WiFi firmware contain multiple vulnerabilities.DescriptionCWE-320: Key Management Errors - CVE-2014-8243An unauthenticated attacker on the local area network (LAN) can read the router's .htpassword file by requestinghttp(s)://<router_ip>/.htpasswd. The .htpasswd file contains the MD5 hash of the administrator password.CWE-200: Information Exposure - CVE-2014-8244A remote, unauthenticated user can issue various JNAP calls by sending specially-crafted HTTP POST requests tohttp(s)://<router_ip>/JNAP/. Depending on the JNAP action that is called, the attacker may be able to read or modify sensitive information on the router.It should also be noted that the router exposes multiple ports to the WAN by default. Port 100080 and 52000 both expose the administrative web interface to WAN users. Depending on the model, additional ports may be exposed by default as well.ImpactA remote, unauthenticated attacker may be able to read or modify sensitive information on the router.SolutionApply an Update:If possible, users are encouraged to update their firmware to the latest version to remediate these vulnerabilities. Linksys has provided the following fix versions:EA2700 - Not yet releasedEA3500 - Not yet releasedE4200v2 - Ver.2.1.41.162351EA4500 - Ver.2.1.41 (Build 162351)EA6200 - Ver.1.1.41 (build 162599)EA6300 - Ver.1.1.40 (build 160989)EA6400 - Ver.1.1.40 (build 160989)EA6500 - Ver.1.1.40 (build 160989)EA6700 - Ver.1.1.40 (build 160989)EA6900 - Ver.1.1.42 (Build 161129)
↧