Cisco confirms flaw in Linksys WRT54GL wireless router


Cisco has confirmed the presence of a security vulnerability in its Linksys WRT54GL Wi-Fi router, which a remote hacker can use to gain full access to the device. DefenseCode first reported the problem in a short announcement posted on the company blog, and noted that multiple Linksys models could have been affected.

At that time, DefenseCode says it have contacted Cisco (NASDAQ: CSCO) about the remote access vulnerability in the default installation of the WRT54GL "months ago." The company went public after seeing the flaw remain unresolved in the latest firmware release. As reported on CSO, Chief Executive Leon Juranic in an email update noted that DefenseCode has performed a "quick analysis" in the wake of Cisco's claim that only one router is affected. "At least one other Linksys model is probably vulnerable," wrote Juranic.

While they aren't considered business-grade devices, the discovery of security problems in wireless routers made by Linksys is concerning due to the sheer number of such devices that the company has sold to date--More than 70 million units. Many businesses are known to purchase consumer devices for use in branch offices or for smaller deployments, of which the WRT54GL is a highly popular model.

For now, Cisco says it has already developed a fix for the WRT54GL and is conducting tests of it at the moment. Until the fix is released, Cisco urged customers using it to remain safe by securely configuring their wireless network, and to only allow friends to connect wired wired Ethernet ports.

For more:
- check out this article at CSO Online

Related Articles:
Cisco ponies up $1.2 billion to beef up BYOD credentials
Cisco cites mistake, updates privacy policy for Linksys routers

Filed Under