Remote Zero-Day Exploit In Linksys WRT54G Routers

Remote Zero-Day Exploit In Linksys WRT54G Routers

Back in the day, the WRT54G used to be the router.  That hasn’t been the case for years though.A lot of “techs” who read, but don’t actually practice, tend to sing the praises of the WRT54G as though it were the holy grail of routers.  What they don’t know is, the router they evangelizing, isn’t the hardware it once was.

Before I go on, I’ll wait while those of you interested in the technical details, go and read this first:

http://nerdvent.net/2012/07/12/stop-telling-people-to-buy-wrt54gs/

Ok, everyone back?  Good, let’s continue.

First of all, the Linksys WRT54G simply is not the class of router a small business should have in place.  Anyone recommending it is bringing their personal home setup, into the wrong arena.  And don’t try to start the conversation about, “You can flash the router and install DD-WRT.”  Tell that to a consignment store owner and let him/her know you’re going to personally maintain it for life.

Now there are even bigger problems with the Linksys WRT54G.  There’s a remote zero-day exploit for the router, allowing an attacker to remotely connect to and obtain root (i.e. full admin access) over your router, all its files, settings, etc.

Remote Zero-Day Exploit for Linksys WRT54G
Remote Zero-Day Exploit for Linksys WRT54G | (Image Source: DefenseCode)

According to the team who discovered the exploit, and despite Linksys saying they’ve patched it…

The latest official Linksys firmware – 4.30.14 and all previous versions are still vulnerable.

So what started as a blog post about how the Linksys WRT54G simply isn’t the router “kids” think it is, has now become much more serious.  Apparently a fix is on the way but this will most-likely require users to download and flash a new firmware update.

I am a Software Developer, System Administrator, and consignment software specialist. I currently manage hundreds of consignment workstations, point of sale systems, and database servers all across North America and I am the developer of Peeps' Software, Peeps2Go, and Peeps' Consignor Login for iOS and Android. I've been helping consignment & resale store-owners since 2003. I started The Computer Peeps in February of 2010. Peeps' Software launched in 2016 and is now on hundreds of systems all across North America. I have successfully converted dozens of stores from all of the major consignment software systems. After 20 years of working with consignment stores, I understand the unique challenges consignment & resale store-owners face. From electrical issues in old buildings or strip malls, to advocating for them when their old consignment software keeps crashing.

Leave a Comment

Your email address will not be published. Required fields are marked *

*
*

Back To Top