Backdoor Found in Linksys Router

linksys backdoorA new backdoor was found in the Linksys E4200 router by Jordan Bradley, a security researcher. This vulnerability allows anyone to gain access to the router’s administration interface without the need to login.

The vulnerability is simply accessed by pointing a browser to port 8083. Doing so bypasses all authentication procedures and allows you to directly access the administrator console as if you had gone to port 80 and logged in.

This problem seems to appear in version 2.0.37 of the firmware. Linksys has since fixed the bug that causes this to happen, but users must install the newer firmware in order to have the problem solved.

More information can be found here.