Cisco/Linksys EA Router Vulnerability

[Blade of Grass]

https://forums.hak5.org/index.php?/topic/29775-cisco-linksys-ea-series-vulnerability/

 

I ran a port scan on my network over a VPN because I was curious to see what ports were open, one of the open ports was 8083. So I enter my ip :8083 in to Firefox and the admin interface popped up without asking me for the password and did allow me to make changes to the router. I have remote management turned off. The router is an EA2700, we have also confirmed that the EA3500 is vulnerable too. The e2500 and e1000 don't appear to be vulnerable. This is a huge issue and I would have expected better out of Cisco, they made amazing enterprise stuff and then sell polished turds so consumers. If anyone else has access to one of the newer Cisco linksys, please test this out I would like to get a list going of vulnerable routers. The ea2700 was on FW 1.0.14.

Edit, I updated the firmware and the Vulnerability has been patched in the new and ugly "smart wi-fi" firmware.

Edit 2: You can still get to the login page on the new firmware on port 10080, however you can not login, even with the correct password it will tell you there was an error. also you can login correctly if you have the right password on port 52000

Edit 3: As it turns out the latest version of the "Classic" or "Cisco Connect" firmware for all of the EA Series routers, EA2700, EA3500, EA4500 and the E4200v2 are vulnerable to this, and Linksys doesn't give a shit because the new and crappy "Smart Wifi" firmware is not affected by this. I upgraded my router to the "Smart wifi" firmware and now my IRC sessions randomly drop. The DD-WRT port for the EA2700 is not done yet and the EA3500 as well as the EA4500 and E4200v2 are based on marvel chipsets. Also AFAIK you have to manually upgrade to the "Smart wifi" firmware, I had auto updating enabled and mine was never updated.

The last "Classic" firmware for each router is listed below:

EA4500:     2.0.37

EA3500:     1.0.30

EA2700:     1.0.14

EA4200v2 :2.0.37

That's even worse than the older ASUS one, so if you're using any of those listed firmwares, please update it to the newer ones.

[DirkaFat]

Did I see an "EA"? Well, there's your problem.

[Darren]

Did I see an "EA"? Well, there's your problem.

 

Are you in a circle while you're jerking?

 

Back to topic, that's a serious vulnerability right there.