Linksys routers vulnerable through CGI scripts
More SOHOpeless misery
Linksys' EA6100-6300 wireless routers need a patch: KoreLogic has published an advisory saying that rubbish CGI scripts in the admin interface open the device up to remote attackers.
Since it's a consumer product, it's a fair bet that most of the devices out there won't get patched, but here's the detail.
Many of the CGI scripts included in the admin interface provide an attacker with unauthenticated access. The attacker can then get the router's admin password and p0wn the device, the advisory says.
The bad scripts include the bootloader, sysinfo.cgi, ezwifi_cfg.cgi, qos_info.cgi and others.
The disclosure is attributed to Matt Bergin of KoreLogic. His proof-of-concept code provided with the advisory includes testing the target device to see if its admin password remains set to default.
At the time of writing, Linksys had not published a fix, so it's at least prudent to shut down remote admin access to any devices you're in contact with. ®