Security researchers disclosed Thursday a number of unpatched security flaws in at least 20 models of Linksys routers, many of which are still widely used, that could leave users vulnerable to attack.
Tao Sauvage, a senior consultant at security firm IOActive, and independent security researcher Antide Petit, found 10 noteworthy vulnerabilities that vary in severity and could allow an attacker to overload routers and prevent internet access for users.
The security flaws all present their own unique risks for owners of affected Linksys routers, but there are three primary ways attackers are able to exploit the devices.
The first type of attack replicates a denial-of-service (DoS) condition for the router by effectively overwhelming the device with requests. This makes the router unresponsive or, in some cases, reboot. The attack leaves a network administrator unable to access the administrator interface and users unable to connect to the internet until the attack stops.
A secondary vulnerability allows an attacker to bypass the standard authentication requirements that protect common gateway interface (CGI) scripts that collect technical and sensitive information about the router, including firmware and kernel versions, a list of running processes, connected USB devices and PIN for protected router settings.
The final and perhaps most severe of the flaws allows hackers to inject and execute commands on the operating system of the router. This could allow an attacker to maintain persistent access to the router that would go unnoticed and could not be removed by the administrator.
Luckily, the researchers were unable to find a way to fully exploit the final flaw that provided ongoing backdoor access to the router, but the possibility exists for someone to take advantage of it until it is patched.
According to the research team, at least 7,000 routers have been found to be affected by the vulnerabilities, 69 percent of which were located in the United States. Eleven percent of the routers were using default credentials rather than custom passwords or PINs, opening them up to further attacks.
The researchers have been in contact with Linksys since January to get the vulnerabilities patched. Linksys published a set of advisories for users, which includes turning on automatic updates, disabling Wi-Fi guest access, and changing the administrator password.
A list of the at-risk routers is available below: