Linksys smart wifi routers have information disclosure vulnerability. Security Researcher has found 25000 vulnerability routers. Linksys router information disclosure vulnerability. Router leaks a connected devices with OS, Model number and MAC address of the connected device.

Other sensitive information about the router such as the WAN settings, firewall status, firmware update settings, and DDNS settings are also leaked publicly.

Exploit

Step 1:
Go to Login Page
step 2
Right click and inspect element and Go to Network Tab
step 3
Scroll Down multiple JNAP file and Open it

List of vulnerable models

Shodan search
html:linksyssmartwifi

Proof of concept

  • MAC address of device (full historical record, not just active devices)
  • Disclose device name (such as “ABC-PC” or “Easyhack-PC”)
  • Disclose OS (such as “Windows 10” or “Android” with version)

Follow us on Twitter for latest updates and information security news.

LEAVE A REPLY

Please enter your comment!
Please enter your name here