* Security Issue: Cisco Linksys Remote Preauth 0day Root Exploit

[IdeaStormer]

Cisco Linksys WRT54GL, but other Linksys versions/models are probably also affected.

Cisco Linksys is a very popular router with more than 70,000,000 routers sold. That's why we think that this vulnerability deserves attention.

Ref: http://defensecode.com/article/upcoming_cisco_linksys_remote_preauth_root_exploit-33

Better keep an eye on your Linksys/Cisco Routers! Patch coming soon I hope.

[IdeaStormer]

Yes, it looks like me picking D-Link was a bright idea all of a sudden (don't worry I just got lucky). Those with Linksys Routers well looks like you might want to come up with a Plan B.

Routers with vulnerable Broadcom UPnP stack are mostly based on Broadcom chipset. "We have found that, in fact, same vulnerable firmware component is also used in at least two other Cisco Linksys models - WRT54G3G and probably WRT310N. Could be others." researchers said.

Ref: http://thehackernews.com/2013/02/rem...wo0aof3z5p.2s8

[IdeaStormer]

Dang it looks like my D-Link is also on the list :(

More info on which devices uses the Broadcom chip or not: http://wiki.openwrt.org/toh/start

Edit: Actually my D-Link isn't, wheew, read it wrong at first.

[rufee]

I don't really see this being an issue, unless you are a business, but then again why would you use a consumer router.

[KingLinkTiger]

Not much of a problem for all of the 3rd party firmware users, since this seems to only affect the stock firmware users.

[IdeaStormer]

Well you can always run the script they mention to verify if you are affected. If you don't care for some random script kiddie getting root on your router and doing what ever they want I guess its not an issue.