Linksys Remote Preauth 0day
DefenseCode researchers discovered a critical remote preauth vulnerability in Cisco Linksys routers which allows hackers to obtain root access. The researchers reported this vulnerability to Cisco several months ago and they responded by stating that the vulnerability had already been repaired in new firmware updates, however DefenseCode researchers found that this vulnerability still exists in hte lastest firmware release, 4.30.14, and all versions prior to that are still vulnerable. Linksys routers are used in more than 70 million homes today, so this is a very serious and critical issue for linksys.
Below is a Youtube video demonstrating the exploit on Cisco Linksys WRT54GL. It is suspected that many other models are also vulnerable to this exploit.
Since Cisco failed to properly handle the issue in a timely manner, DefenseCode plans to disclose the details of the vulnerability on their site, www.defensecode.com, BugTraq, and Full Disclosure some time within the next two weeks.
Recently Cisco has responded to inqueries from "The Register" by stating:
Linksys takes the security of our products and customersâ€™ home networks very seriously. Although we can confirm contact with DefenseCode, we have no new vulnerability information to share with customers â€“ for our WRT54GL or other home routers. We will continue to review new information that comes to light and will provide customer updates as appropriate.