Linksys routers are susceptible to an unauthenticated remote code execution vulnerability, which is being leveraged in the wild by a worm. Compromised routers may allow remote attackers to siphon confidential information from networks, or create a botnet using routers under attacker control.
*Unconfirmed list of vulnerable routers*
No Exploit Available
Remote Code Execution
An attacker can exploit this vulnerability by sending data to port 8080. After determining the type of router it is interfacing with, the attacker exploits a vulnerable CGI script running on the router. A remote attacker who successfully exploits this vulnerability can execute code on the vulnerable system.
BeyondTrust Prevention and Detection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect this vulnerability.
- 32818 - Linksys Routers Command Injection (Zero-Day)
No mitigations are currently available.
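With no mitigation available, traffic on port 8080 is the one observable this advisory names. The following added example (not from the advisory or from BeyondTrust) scans constructed iptables-style log lines for TCP connections reaching the router on port 8080 and for any source contacting several distinct hosts on that port. The log format, the addresses, the `analyze` helper and the fan-out threshold are assumptions.

```python
import re
from collections import defaultdict

PORT = "8080"  # port named in the advisory

# Constructed iptables-style LOG lines (sample data, not from the advisory).
# 198.51.100.10 stands in for the router's WAN address (assumption).
SAMPLE_LOG = """\
Feb 13 10:00:01 gw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.10 PROTO=TCP SPT=40112 DPT=8080
Feb 13 10:00:02 gw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.10 PROTO=TCP SPT=40113 DPT=443
Feb 13 10:00:05 gw kernel: IN=eth0 OUT= SRC=203.0.113.99 DST=198.51.100.10 PROTO=UDP SPT=5353 DPT=8080
Feb 13 10:02:10 gw kernel: IN= OUT=eth0 SRC=198.51.100.10 DST=192.0.2.1 PROTO=TCP SPT=51000 DPT=8080
Feb 13 10:02:10 gw kernel: IN= OUT=eth0 SRC=198.51.100.10 DST=192.0.2.2 PROTO=TCP SPT=51001 DPT=8080
Feb 13 10:02:11 gw kernel: IN= OUT=eth0 SRC=198.51.100.10 DST=192.0.2.3 PROTO=TCP SPT=51002 DPT=8080
Feb 13 10:02:12 gw kernel: IN= OUT=eth0 SRC=198.51.100.10 DST=192.0.2.50 PROTO=TCP SPT=51003 DPT=80
"""

FIELD = re.compile(r"(\w+)=(\S*)")


def parse(line):
    """Return the key=value fields of one log line as a dict."""
    return dict(FIELD.findall(line))


def analyze(log_text, router_wan, fanout_threshold=3):
    """Flag TCP/8080 traffic to the router and 8080 fan-out from any source."""
    inbound = set()
    fanout = defaultdict(set)
    for line in log_text.splitlines():
        f = parse(line)
        if not {"SRC", "DST"} <= f.keys():
            continue  # not a packet log line
        if f.get("PROTO") != "TCP" or f.get("DPT") != PORT:
            continue
        if f["DST"] == router_wan:
            inbound.add(f["SRC"])            # the exposed port was reached
        else:
            fanout[f["SRC"]].add(f["DST"])   # source contacting others on 8080
    scanners = sorted(s for s, d in fanout.items() if len(d) >= fanout_threshold)
    return {"inbound_8080": sorted(inbound), "fanout_sources": scanners}


if __name__ == "__main__":
    print(analyze(SAMPLE_LOG, "198.51.100.10"))
```

A router address appearing under `fanout_sources` is a heuristic signal, not proof of compromise; tune the threshold to the normal traffic of the network being monitored.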