Software Engineering Institute

The Linksys WRTG54G is a broadband router that has an integrated wireless access point and ethernet switch. The WRT54G router's configuration settings are controlled by a web interface that uses either HTTP or HTTPS. Before viewing configuration files, an administrator needs to supply valid credentials.

The administrator's credentials are only used for viewing the device's configuration; the WRT54G does not require any credentials when making changes to configuration files. An attacker may be able to create a specially crafted web page that makes changes to the router's configuration when opened by anyone connected to the wireless or LAN ports of the router.

The remote access feature on Linksys routers allows administration of the router from the WAN port. If remote administration is enabled on an affected device, an attacker on the Internet may be able to exploit this vulnerability by sending malformed commands to the web interface.

A remote, unauthenticated attacker could change the configuration of an affected router.

There is currently no practical solution available to this problem.

Disable remote access
Disabling remote access may help mitigate this vulnerability.

Do not open untrusted links
An attacker may be able to create a specially crafted URL or HTML page that exploits this vulnerability. Do not open or follow untrusted hyperlinks sent through email or instant messages.

Secure your wireless network
Restricting access to your wireless network may also mitigate this vulnerability. US-CERT Cyber Security Tip ST05-003 has instructions on how to secure your wireless network.