VULHUB ™

A vulnerability has been reported in various Linksys routers, during the initial negotiation stage. It has been reported that the vulnerable routers fail to handle XML-related data transmitted by clients during initialization of a session with the management server (on TCP port 8080 of the internal interface). According to the report, authentication is bypassed completely when the browser Lynx is used to connect to the management interface and a mailcap entry exists for "application/foo.xml". Reportedly, the authentication mechanism can be bypassed by requesting a .XML page. This feature is required for UPnP functionality but is not disabled when UPnP support is disabled. This is due to a flaw in the firmware when parsing requests for .XML pages. It has also been reported that firmware revision 1.43.3 only partially fixes this vulnerability.

A vulnerability has been reported in various Linksys routers, during the initial negotiation stage. It has been reported that the vulnerable routers fail to handle XML-related data transmitted by clients during initialization of a session with the management server (on TCP port 8080 of the internal interface). According to the report, authentication is bypassed completely when the browser Lynx is used to connect to the management interface and a mailcap entry exists for "application/foo.xml". Reportedly, the authentication mechanism can be bypassed by requesting a .XML page. This feature is required for UPnP functionality but is not disabled when UPnP support is disabled. This is due to a flaw in the firmware when parsing requests for .XML pages. It has also been reported that firmware revision 1.43.3 only partially fixes this vulnerability.