Thursday, January 17, 2013

DefenseCode Security Advisory (UPCOMING): Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up

Starting a few hours ago, we began a quick analysis as to how many Linksys models might be vulnerable.
From what we can tell so far, at least one other (not just the WRT54GL) Linksys model is probably vulnerable.

Moreover, during the analysis we discovered clues that network devices from other manufacturers might
also contain the same vulnerability. We are still investigating.

Regarding the Cisco case, we are looking forward to the vulnerability fix. In the meantime, we have again approached them about a few other potential vulnerabilities in the Linksys equipment.

Leon Juranic


  1. Did you try Tomato or any of the alternative firmwares used on the WRT54Gv4, and WRT54GL? I second what Edward commented on in your other post. Please consider testing the alternative firmwares for whatever vulnerability you have discovered. Also, you say that you are looking forward to the vulnerability fix. Has Cisco indicated they will fix the problem(s) you reported and in what timeframe? Thanks

  2. Some services on the WRT54GL rely on software components originating from Broadcom. Some of these components are also used by alternative firmwares (DD-WRT, OpenWRT, FreeWRT, Tomato, ...) and by other manufacturers (e.g., Asus, Netgear, Belkin).

  3. When life gives you a hundred reasons to cry, show life that you have a thousand reasons to smile.

    Xbox One Games

  4. I like the post format as you create user engagement in the complete article. It seems round up of all published posts. Thanks for gauging the informative posts.
    cara menggugurkan kandungan

  5. This is an informative post review. I am so pleased to get this post article and nice information. I hope that your actions will be more interesting in the future. Thanks!
    Have fun with kizi - un gran sitio web de juegos

  6. Taking about my writing experience, I advise you to check this out. It may be really helpful for you if you need to write a cover letter.