Over 25,000 Linksys Smart Wi-Fi routers leaked device connection histories

Security researcher Troy Mursch has reported that over several Linksys router models globally are revealing entire device connection histories online, 440 of them are from the UAE.


The Linksys Velop is one of the devices that has been affected.

Linksys users, especially those in the UAE, may have something to be concerned about. Specific Linksys Wifi routers have been found to be sharing their entire device connection histories (including MAC addresses, device names and OS versions) online.

Security researcher Troy Mursch, writing in in Bad Packets, has reported that 33 models have been affected by the vulnerability. They also share if their default passwords have been changed or not and this has affected between 21,401 and 25,617 vulnerable routers online, 4,000 of which were still using their default passwords. Linksys, however claim it fixed the flaw in 2014 can't replicate the flaw.

The attack can be done by visiting an exposed router's internet address and running a device list request and it supposedly works whether or not the router's firewall is on. Mursch told Ars Technica,

"While [this flaw] was supposedly patched for this issue, our findings have indicated otherwise," says Bad Packets. "Upon contacting the Linksys security team, we were advised to report the vulnerability... After submitting our findings, the reviewing analyst determined the issue was 'not applicable/won't fix' and subsequently closed." It can also include device names like "William's iPhone" plus whether the device is a Mac, PC, iOS or Android device. The combination of a MAC address and Linksys Smart Wi-Fi routers' public IP address can mean that hackers could geo-locate or track "William," claims Mursch.

Linksys were quick to respond, " We quickly tested the router models flagged by Bad Packets using the latest publicly available firmware (with default settings) and have not been able to reproduce CVE-2014-8244; meaning that it is not possible for a remote attacker to retrieve sensitive information via this technique. JNAP commands are only accessible to users connected to the router’s local network.

"We believe that the examples provided by Bad Packets are routers that are either using older versions of firmware or have manually disabled their firewalls. Customers are highly encouraged to update their routers to the latest available firmware and check their router security settings to ensure the firewall is enabled."

Bad Packets have released a complete list of the Linksys router models reportedly affected and the region these routers are from. 440 of the affected devices are from the UAE.

Nevertheless it's prudent that Linksys users update their firmare and ensure their device firewalls are active, as this could expose it to attackers.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.

Editor's Choice

Emerson expands analytics platform for industrial enterprise-level wireless infrastructure management
Plantweb Insight platform adds two new Pervasive Sensing applications that manage wireless networks more efficiently with a singular interface to the enterprise
Digitalisation seen as a competitive advantage by Middle East private businesses
Nearly 80 per cent of private business leaders acknowledge that digitalisation can impact business sustainability
Etisalat introduces Multi-Access Edge Computing architecture delivering best-in-class video streaming performance for 5G networks
MEC architecture achieves performance gains of as much as 90% in video streaming, validating how ultra-low-latency applications will be delivered over 4G and 5G networks

Most popular

Don't Miss a Story