Alan Rateliff II, an independent security consultant, on Friday said he discovered a vulnerability in the Linksys WRTS54G 802.11g wireless router. The flaw gives hackers a free pass into the Web-based configuration page of the router when the firewall function is turned off.
When Rateliff originally tested the devices in March, he discovered that this vulnerability existed on two Linksys routers straight from the store. The default configuration on the products he tested used version 2.02.7 of the firmware, and they enabled access to the configuration page via ports 80 and 443.
When he tested new Linksys routers, using both firmware versions 2.02.7 and 2.02.2 earlier this week, he did not find the same flaw on routers that use the standard configuration settings. But he noticed that when the firewall is turned off on the devices, ports 80 and 443 are still open, allowing the configuration page to be easily accessed.
Allowing easy access to configuration settings on a router is a security risk. Hackers could change settings of the router to launch spam and virus attacks, without the victim ever realising what is going on. Attackers could also gain access to devices attached to the router, such as laptops and PCs. With an open door into the network, attackers could target unprotected individual machines and infect them with worms and viruses.
"It's like giving a hacker a key to a locked door," Rateliff said. "There's no telling what he will do once he's inside. The scenarios are only limited by what we can imagine."
Rateliff added that broadband users on large national Internet service providers, such as America Online, could be the most vulnerable, because hackers tend to scan these DSL (digital subscriber line) and cable modem connections, looking for vulnerable targets.
"The larger the network, the larger the exposure to hackers," he said.
For the most part, this problem exists only when the firewall function is turned off. Considering that most people concerned about security would keep the firewall turned on, this may not be such a big threat. But Rateliff warned that people should check to make sure that their settings are correct when they install the Linksys routers.
"You just have to be careful," he said. "There's no telling if someone else has changed the settings and then returned the product to the store. When you get it home, you have no way to know that the firewall has been turned off and that you're now exposed to this other problem."
The Linksys home networking gear is among the most popular on the consumer market. The brand has more than 20 percent market share in the home and small-business Wi-Fi market, according to Synergy Research.
Cisco posted a beta version of the new firmware on the Linksys Web site on Thursday night. The company said customers using this version of firmware should not experience the problem even when the firewall is turned off. Rateliff said he has not tested the beta version of firmware yet.
