Vulnerable products : Linksys EA2700, EA3500, E4200, EA4500 using
lighttpd 1.4.28 and Utopia on Linux 2.6.22
Firmware Version: 1.0.14 EA2700
Firmware Version: 1.0.30 EA3500
Firmware Version: 2.0.36 E4200
Firmware Version: 2.0.36 EA4500
Impact: - Major
Timeline: - Still awaiting word back from Linksys support. Partial
disclosure at the present due to the impact; Full disclosure in near
future if warranted.
Vulnerabilities:
Vulnerability Conditions seen in all variations:
Although not the same symptoms as the bug that plagues most ASUS
routers that are AiCloud enabled with WebDav, the utilization of both
UPnP and SSL on lighttpd v 1.4.28 appears to be an extremely
problematic combination, exposing certain vulnerabilities to the WAN
side of the router.
Recommendations-
Testing additional firmware is ongoing.