Over 25,000 Linksys routers are leaking device data: Report

By Vignesh Giridharan | Updated 20 May 2019
Over 25,000 Linksys routers are leaking device data: Report
  • Over 25,000 Linksys Smart Wi-Fi routers are currently leaking device details because of a security vulnerability.
  • Linksys doesn't seem to think it's a problem but it can let attackers see details like the device name and MAC address of connected devices.

Over twenty-five thousand Smart Wi-Fi routers made by American networking hardware company Linksys are leaking details of devices connected to it, says a recent report by Bad Packets Report. The affected routers could have apparently been facing a security vulnerability since as early as 2014. If the vulnerability is exploited, an attacker could gain unauthenticated remote access to sensitive information on connected devices through the affected routers.


According to the recently published report by Troy Mursch, the affected routers—which number 25,617 in total—are currently exposing the following details to a potential attacker: MAC address of every device connected to them (full historical record), device name, and its operating system. “Other sensitive information about the router such as the WAN settings, firewall status, firmware update settings, and DDNS settings are also leaked publicly,” writes Mursch. Following are the affected Linksys Smart Wi-Fi routers:

In the security report, the author explains how to go about exploiting the vulnerability. The author also talks about the risks of such a leak. “If a device’s name includes the full name of the owner, this flaw allows attackers to determine the identity of owner and geolocate them via the Linksys Smart Wi-Fi router’s public IP address,” adds Mursch. The vulnerability makes the routers prone to targeted attacks by cybercriminals on home and business networks alike.

Mursch also goes on to say that the vulnerability in these Linksys routers lets an unauthenticated attacker know which routers are still on their default login password (like, “admin”) without even logging in. According to the report, Linksys’ response to the vulnerability report sent to the company was “Not applicable/Won’t fix”. About half of these affected routers have automatic firmware updates enabled, so if Linksys does realise the problem in the future and patches it, a part of the problem will be solved automatically without any user intervention.


Inline image courtesy: Bad Packets Report

Vignesh Giridharan
Progressively identifies more with the term ‘legacy device’ as time marches on.

Recent Questions

Are data mining and data warehousing related?
Sept 12, 2014
Be the first one to post the comment
Post a New Comment
You must be signed in to post a comment