UPDATE – Researchers at security consultancy and vulnerability research firm DefenseCode claim to have uncovered a root exploit zero-day affecting the default installation of an unknown number of Cisco’s Linksys routers.
The reseaerchers are urging Cisco to fix the potentially serious vulnerability before they release the full PoC on BugTraq and Full Disclosure in two weeks, per DefenseCode’s vulnerability disclosure policy.
DefenseCode tested the exploit on the Cisco Linksys WRT54GL model and believe that other models are vulnerable as well. They aren’t entirely certain how many router models are impacted by the flaw, but they note that Cisco has sold some 70 million Linksys routers.
The group claims to have previously reported the vulnerability to Cisco along with its proof-of-concept. Cisco allegedly responded to DefenseCode’s disclosure, telling them that the bug had been resolved in the most recent firmware update. DefenseCode then tested their PoC again and determined that the current version of the router (4.30.14) and all previous versions remain vulnerable.
A Cisco spokesperson confirmed the vulnerability’s existence via email, but claimed that the flaw only affected the Linksys WRT54GL home router, the same model on which DefenseCode tested their exploit. The spokesperson assured us that Cisco has developed and is currently testing a fix for the issue. In the meantime, Cisco advises that customers using the WRT54GL router model stay safe by maintaining a securely configured wireless router.
You can watch a video-demo of the exploit on Youtube.