The popular Linksys WRT54G wireless router has a security flaw that enables unauthorized remote access to its administrative functions, an expert claims.
Independent consultant Alan W. Rateliff II said in a posted warning that the router will display its administrative Web page over the Internet via ports 80 and 443 -- even if the user turns off the remote administration function.
After intruders reach the administrative log-on screen, they can then get into the management functions because the default user name and password are obvious. Most such devices ship with obvious default user names and passwords like "admin."
"The implications are obvious: Out of the box the unit gives full access to its administration from the WAN using the default or, if the user even bothered to change it, an easily guessed password."
Rateliff said he reported the problem to Linksys, which is a division of Cisco, in April but did not receive a response. Nor has the company updated the firmware for the router to fix the problem, he noted. The most recent firmware for the router, as posted on the Linksys Web site, is dated March 17, 2004.