Linksys WAG200G backdoor – other modems affected too

Updated January 04, 2014 – added link to Naked Security.

An Ars Technica post reports a Linksys WAG200G vulnerability, discovered by Eloi Vanderbeken, which, if exploited, provides the attacker with admin access. To take advantage of the backdoor the attacker needs to be on the local network and talk to TCP port 32764.

The WAG200G is not the only modem affected by this vulnerability. According to Ars the backdoor has been found on other Linksys models and on Netgear DSL modems as well.

You can read more about it on Ars Technica.

Vulnerabilities like this one are the reason why you need to make sure your modem/router is always running the latest firmware or switch to an open source alternative.

Update: Naked Security posted a nice write-up for this issue. You can find it here.

If you have any questions or if you spotted any errors or omissions, please leave me a comment.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: