Linksys Router – Over 25,000 Linksys Smart Wi-Fi Routers Leaking Sensitive Information to the Internet
Table of Contents
A vulnerability has been discovered with Linksys Wi-Fi routers that allows attackers to gain unauthenticated,remote access to the vulnerable router and access sensitive information.
According to Bad packets report, “Our honeypots frequently detect scans targeting various home automation protocol endpoints. Many of these attacks aim to exploit vulnerable consumer routers. Upon further investigation, we’ve discovered a persistent flaw affecting Linksys Smart Wi-Fi routers that allows unauthenticated remote access to sensitive information.”
How is the Linksys Wi-Fi Routers Vulnerability Exploited?
The vulnerability can be exploited by just knowing the public IP address of the router. It can be exploited simply by just opening the router public IP address in the web browser and from the developer console, move to network and JNAP queries.
- Go to the Linksys Smart Wi-Fi router’s public IP address in your web browser
- Open the developer console (F12 key) and go to the Network tab
- Scroll down to JNAP (there’s multiple) and click to open it
This sensitive information disclosure vulnerability requires no authentication and can be exploited by a remote attacker with little technical knowledge.
How many Linksys Smart Wi-Fi routers are vulnerable?
According to Bad packets Report, it discovered 25,617 Linksys Smart Wi-Fi vulnerable which are currently leaking sensitive information to the public internet.This information includes:
- MAC address of every device that’s ever connected to it (full historical record, not just active devices)
- Device name (such as “TROY-PC” or “Mat’s MacBook Pro”)
- Operating system (such as “Windows 7” or “Android”)
What are the risks of leaking this information publicly?
A MAC address is a unique identifier for every networked device. Mobile devices, such as smartphones and laptops, share this identifier every time they connect to a wireless network. This creates a fingerprint that can be used to track that device’s movement across networks.
If a device’s name includes the full name of the owner, this flaw allows attackers to determine the identity of owner and their geo-location via the Linksys smart Wi-Fi router’s public IP address.
What specific models of Linksys Smart Wi-Fi routers are vulnerable?
The models listed below are actively leaking sensitive information, including those running the latest firmware available from Linksys.