The Linksys Fix: How to Avoid the Linksys Zero Day Firmware Exploit


According to a wide array of reports, a Zero Day exploit has been found for Cisco Linksys Routers that use default Cisco firmware. What does that mean in plain English?

For all of you out there using any Cisco Linksys router (of which there are over 70 million in circulation), you should know that DefenseCode, an information security consultancy and vulnerability research company, has recently discovered the flaw, disclosed the issue to Cisco and will soon release the exploit to the general public. This is done to pressure companies to act swiftly and proactively to prevent security holes.

The Register UK reports:

According to Help-Net Security, it took DefenseCode just 12 days to develop the exploit. The company says it contacted Cisco, Linksys’s owner, “months ago”.

The vulnerability affects all versions of Linksys firmware up to and including the current version, 4.30.14. DefenseCode intends to release a full description of the vulnerability within two weeks.

Cisco has made the following statement to The Register: “Linksys takes the security of our products and customers’ home networks very seriously. Although we can confirm contact with DefenseCode, we have no new vulnerability information to share with customers – for our WRT54GL or other home routers. We will continue to review new information that comes to light and will provide customer updates as appropriate.

If you would like to see the Zero Day exploit in action, DefenseCode has posted a YouTube video showing it in action, although it is primarily just a command line interface with some music behind it that will likely mean little to the average consumer.

This Linksys Zero Day exploit exposes anyone who owns or uses any Cisco Linksys device with default firmware ranging from the old-school Linksys WRT54G to the Linksys E4200. If this hack is released to the general public and users do not upgrade their hardware, Linksys router owners will instantly become susceptible to the nefarious whims of any random person with a bit of networking know-how who wants to gain access to their network.

It is likely that, even if a fix arrives, most users will not even know that this is an issue and this bug will linger on user’s systems for years. How scary is that?

We here at FlashRouters feel this is an emergency issue in need of immediate attention and disclosure, so please, SPREAD THE WORD! Keep reading for a few options detailing how your home or small business network can avoid becoming the next victim.

How to Prevent Being a Victim of a Cisco Linksys Zero Day Hack

#1: Wait for a Cisco firmware upgrade and hope for the best

Trust that Linksys will fix this issue before it gets into the hands of hackers, and hope they release firmware to plug the hole. We recommend all Linksys router owners keep an eye on Cisco’s site as they claim to be working on another solution. Although, when they were originally contacted, Cisco claimed that their Linksys firmware had already been upgraded and fixed to plug that hole (which was untrue.)

#2: Replace the firmware on your router with an open-source solution.

Check if your router is a candidate for a firmware upgrade with DD-WRT, TomatoOpenWRT, or any other of many open-source firmware options. You can find a full list of alternative router firmware projects on Wikipedia. (If you are not aware of what firmware is and how it differs from software, you can lean more on our What is Firmware entry.)

The issue with many of these open-source firmware projects is twofold: first, not all routers support a firmware upgrade, so you have to make sure that yours does. Next, you have to upgrade with the proper firmware version.

It is important to note that not every router is supported by every firmware. DD-WRT supports the largest variety of routers with varying degrees of networking functionality and has a searchable, supported router database.

The maze to finding the proper firmware and to confirm that it actually works properly once it is flashed can be a bit overwhelming. You can dig and research for hours, and even days, for exactly the right firmware version that functions properly and is stable.  It can be a very frustrating process (we know from much experience). The DIY mentality of these projects is laudable but sometimes the organization of the files to use and how to perform the flash can leave something to be desired for the average user who is unfamiliar with this space.

On top of that, it is also very possible that improper flashing will lead to bricking, meaning it will turn your router into a nonfunctional brick, so please review all flashing procedures before taking this task on yourself as we can not be liable if you perform an incorrect flash on your own device. Flashing router firmware on your own is only recommended for intermediate to advanced users who have some knowledge of networking, and a grasp of telnet or the classic command line interface.

#3: Upgrade to a new router with upgraded non-Linksys firmware such as DD-WRT or Tomato.

netgear-ddwrtIf your network has been stalling or has not been  up-to-snuff, this serious networking security issue gives you the perfect impetus to upgrade your router in order to fully support all your latest gadgets and devices from the holiday season.

Since this is a very recent issue, going out and just buying a new Linksys router will not be enough as these products were manufactured months, or even years, ago.

Our pre-flashed Cisco Linksys DD-WRT devices (E1000, E1200, E2000, E3000, & the E4200 V1) allow you to allay your fears of the Linksys Zero Day bug and diminish your worries of other security vulnerabilities by replacing the stock firmware with the more powerful DD-WRT equivalent.

A DD-WRT upgrade will replace the vulnerability while simultaneously providing your network with advanced functionality/features such as QoS bandwidth management, the ability to overclock your router CPU for additional processing power, integrated HotSpot options, adjust antenna transmission strength, and integrated VPN options (OpenVPN, PPTP, L2TP). (Read more about advanced DD-WRT features).

For those interested in Tomato, take a look at the high-end Asus Dark Knight RT-N66U N900 device.

Every FlashRouter order includes a free custom home networking configuration guide, a custom setup guide, and 3 months of networking support including VPN service provider setup. 

Using a FlashRouter can make your network infinitely more stable and easier to customize/tweak for future networking needs, as our desire for improved WiFi and performance fills our daily lives. Make your life easier and watch confusing wireless networking setups become a thing of the past. We can promise the following:

  • An extensively tested version of  DD-WRT will be flashed on your router.
  • Personalized Custom Configuration & Setup Guide: A FlashRouter configuration specialist will personally contact you to tailor your new router to your networking plans if you don’t tell us in your Order Comments.
  • Online Tech Support: Our support staff is available to make sure your DD-WRT router and VPN service connection gets up and running. Satisfaction Guaranteed!
  • Free VPN Service Integration: We offer setup guides for just about every VPN service, including: OverPlay VPNHide My Ass, IPVanish, PrivateInternetAccess, and many more.
  • Speedy worldwide shipping.

It is sad to say, but it is not in the interest of these companies like Cisco to offer many advanced features in their routers, as they prefer that you buy more expensive models in order to get these high-powered features that open source firmwares like DD-WRT offer.

Besides their lackluster firmware offerings, they owe it to their customers to publicize this issue or risk a huge backlash from the average user who might stumble upon this information too late, like, for instance, after they are hacked and their network becomes a haven for possible criminal activity without their knowledge because they trusted that Cisco had their back.

Be diligent, be aware, and be safe, because your online security is not something to take lightly. If it only took DefenseCode 12 days to find this hack, who knows how long it will be until someone finds the next Zero Day flaw in Cisco or another router manufacturer’s buggy & lackluster firmware? Maybe they already have…

Want more InfoSec updates, security flaw information, and the latest in open-source firmware/DD-WRT and privacy news follow us on Twitter (@flashrouters) or like us on Facebook.

2 thoughts on “The Linksys Fix: How to Avoid the Linksys Zero Day Firmware Exploit

  1. Nick

    I love Cisco, and all their products. They are the best so far! I never really had problems for now but thanks for this info, I will be more careful now with my network. I hope I won’t be experiencing this kind of problem in the future.

  2. Pingback: How To Fix D-Link & Other Router Firmware Flaws/Exploits?

Leave a Reply

Your email address will not be published. Required fields are marked *