Stories
Slash Boxes
Comments

SoylentNews is people

Over 21,000 Linksys Routers Leaked Their Device Connection Histories

posted by Fnord666 on Monday May 20 2019, @10:51AM   Printer-friendly
from the talktative-devices dept.

upstart writes:

Submitted via IRC for AnonymousLuser

Over 21,000 Linksys routers leaked their device connection histories

Over 21,000 Linksys routers leaked their device connection historiesLinksys, however, says it can't replicate the apparent flaw.Sponsored Links

Certain Linksys WiFi routers might be sharing far more data than their users would like. Security researcher Troy Mursch has reported that 33 models, including some Max-Stream and Velop routers, are exposing their entire device connection histories (including MAC addresses, device names and OS versions) online. They also share whether or not their default passwords have changed. Scans have shown between 21,401 and 25,617 vulnerable routers online, 4,000 of which were still using their default passwords.

The attack appear to be relatively straightforward and involves little more than visiting an exposed router's internet address and running a device list request. It works whether or not the router's firewall is turned on, Mursch toldArs Technica, and isn't affected by a patch Linksys released in 2014.

There are potentially serious consequences. Complete connection histories could tell hackers if there are juicy targets on a given network, such as a phone running outdated software, while stalkers might find out if their victim had visited a given location. The password status, meanwhile, could make it easy to hijack devices for the sake of botnets and other online crimes.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Over 21,000 Linksys Routers Leaked Their Device Connection Histories | Log In/Create an Account | Top | 8 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Monday May 20 2019, @03:10PM (1 child)

    by Anonymous Coward on Monday May 20 2019, @03:10PM (#845531)

    Very beautiful copypasta. A new low SN.

  • (Score: 0) by Anonymous Coward on Monday May 20 2019, @07:49PM

    by Anonymous Coward on Monday May 20 2019, @07:49PM (#845612)

    Very beautiful copypasta.

    I know, right? And this article was clearly written by Cisco and proofed by D-Link to trash their competitor!

    Our "intrepid" reporters, Buzzard, Takyon, Janrinok and Fnord are just rolling in the cash from those five figure monthly checks they get for their employment.

    They were hired to do investigative journalism, but all they do is copy corporate propaganda they were likely paid to promote here.

    Except for Buzzard. He doesn't even do copypastas.

    This place has gone completely to hell. Where's the original content? Where's the investigative reporting?

    It's not like SN is a "news aggregator and discussion site" or anything.

    Oh, wait, that's exactly what SN is. But you knew that and just wanted to be an asshole. Good job. You've succeeded!

    Oh, and the last paragraph of TFA goes like this:

    It might not be as clear-cut a situation as it appears, though. Linksys has posted a security advisory saying that it had "not been able to reproduce" the vulnerability, and suggested that the routers Mursch found online were either using outdated firmware or had their firewalls turned off. Clearly, there's some disagreement here -- and that could be a problem when it's not certain that affected Linksys routers are truly safe. For now, the best bet is to ensure that you're running up-to-date router firmware and that the device's firewall remains active.