Intrusion Prevention

Linksys.Routers.Administrative.Console.Authentication.Bypass

Description

This indicates an attack attempt to exploit an Authentication Bypass vulnerability in Linksys Routers.
The vulnerability is caused by a lack of input validation when handling a crafted HTTP request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted HTTP request. This exploit is also being used by The Moon Worm and has been incorporated into various vulnerability scanners.

Affected Products

Selected older Linksys Wi-Fi Routers and Wireless-N access points and routers

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's advisory for updates:
https://www.linksys.com/us/support-article?articleNum=136147