Security Bug in Linksys Wireless-G Router

March 8, 2008 – 3:18 PM

Cisco’s Linksys WRT54G Wireless-G Broadband Router has a flaw that could allow an attacker to gain administrative privileges on vulnerable devices. Even if the remote administration feature on the device is turned off, the router serves the administration web page on ports 80 and 443, protected only by a weak default password. Secunia rates the flaw as ‘moderately critical’ and advises users to use a stronger password for administrative access, or restrict access to the interface altogether. Alternatively, the device can be configured to forward traffic on the port to a non-existent server; even if sent to an existent server, forwarding will override the default behavior.

You must be logged in to post a comment.