{"id":9795,"date":"2013-04-09T14:28:37","date_gmt":"2013-04-09T19:28:37","guid":{"rendered":"http:\/\/bucktownbell.com\/?p=9795"},"modified":"2013-04-09T14:34:52","modified_gmt":"2013-04-09T19:34:52","slug":"dont-use-linksys-routers","status":"publish","type":"post","link":"http:\/\/bucktownbell.com\/?p=9795","title":{"rendered":"Don\u2019t Use Linksys Routers"},"content":{"rendered":"<blockquote><p>Today I am publishing 5 Linksys router vulnerabilities so that consumers may be aware of the risks.<br \/>\n<a href=\"https:\/\/superevr.com\/blog\/wp-content\/uploads\/2013\/04\/linksys_vulns.txt\">linksys vulns.txt<\/a><\/p><\/blockquote>\n<p>via <a href=\"https:\/\/superevr.com\/blog\/2013\/dont-use-linksys-routers\/\">Don\u2019t Use Linksys Routers \u00ab Superevr<\/a>.<\/p>\n<p>I run a WRT54GL in my network but installed tomato on it because I never liked the linksys GUI and wanted to try out tomato.\u00a0 Here&#8217;s his take on the WRT54GL:<\/p>\n<blockquote><p>1. <strong>Linksys WRT54GL Firmware Upload CSRF Vulnerability<\/strong><br \/>\nI demonstrate Cross-Site File Upload in my BlackHat and <a href=\"http:\/\/videos.2012.appsecusa.org\/video\/54209282\">AppSec USA<\/a> talks. If you need more info on the vector itself, check out <a href=\"http:\/\/blog.kotowicz.net\/2011\/04\/how-to-upload-arbitrary-file-contents.html\">How to upload arbitrary file contents cross-domain<\/a> by Kotowicz.<\/p><\/blockquote>\n<p>I suspect these kind of exploits exist in all consumer grade routers.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Today I am publishing 5 Linksys router vulnerabilities so that consumers may be aware of the risks. linksys vulns.txt via Don\u2019t Use Linksys Routers \u00ab Superevr. I run a WRT54GL in my network but installed tomato on it because I &hellip; <a href=\"http:\/\/bucktownbell.com\/?p=9795\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[110],"tags":[427,339,291,101],"class_list":["post-9795","post","type-post","status-publish","format-standard","hentry","category-networking","tag-exploit","tag-network-intrusion","tag-routers","tag-security"],"_links":{"self":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/9795","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9795"}],"version-history":[{"count":1,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/9795\/revisions"}],"predecessor-version":[{"id":9796,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/9795\/revisions\/9796"}],"wp:attachment":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9795"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9795"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9795"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}