Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

25,000 Linksys routers are reportedly leaking details of any device that has ever connected to it

Last updated

The flaw that may have been leaking data since 2014 reportedly exposes routers that haven't had their default passwords changed, and it can even help lead hackers to physically locate devices and users in the real world.

Researcher Troy Mursch claims that in excess of 25,000 Linksys Smart Wi-Fi routers currently in use have a flaw that means significant data is accessible by hackers. Writing in Bad Packets Report, a "cyber threat intelligence" company, he says sensitive information is being leaked, although the manufacturer now denies this.

Linksys was bought in 2013 by Belkin — and that firm was then bought by Foxconn in 2018 — and that firm says that its staff haven't been able to reproduce Mursch's findings.

"We quickly tested the router models flagged by Bad Packets using the latest publicly available firmware (with default settings) and have not been able to reproduce [it]," said Linksys in an online security advisory, "meaning that it is not possible for a remote attacker to retrieve sensitive information via this technique."

Linksys further says that this is because the flaw was fixed in 2014. However, Mursch disagrees.

"While [this flaw] was supposedly patched for this issue, our findings have indicated otherwise," says Bad Packets. "Upon contacting the Linksys security team, we were advised to report the vulnerability... After submitting our findings, the reviewing analyst determined the issue was 'not applicable/won't fix' and subsequently closed."

If your router is one of those leaking information in this way, then the details that may be available to hackers include the MAC address of every device connected now — or ever.

It can also include device names like "William's iPhone" plus whether the device is a Mac, PC, iOS or Android device. The combination of a MAC address and Linksys Smart Wi-Fi routers' public IP address can mean that hackers could geo-locate or track "William," claims Mursch.

More easily and immediately discovered, though, is whether a router's default admin password has been changed or not.

This flaw and Linksys/Belkin's response were first reported by Ars Technica which notes that the number of affected routers appears to be reducing. After the initial report of 25,617, a repeat of the test some days later revealed 21,401 vulnerable devices.

A complete list of the Linksys router models reported affected is on the Bad Packets site.



49 Comments

kkqd1337 471 comments · 12 Years

i currently 'trust' google to look after my router

tht 5654 comments · 23 Years

I’m keeping my AirPort Extreme until it breaks.

I used to use Linksys routers in the aughts. Not a pleasant experience.

daven 722 comments · 16 Years

Changing the password should be one of the first things you do when getting a new router. I had a Netgear router that was great but somehow it got corrupted during a reboot after a power outage so I picked up a used Airport Extreme dirt cheap. I miss the control I had with the Netgear but love it that having a small market share router means I fly under the radar for most hackers.

Like Tht, I'm keeping it until it breaks.

sflocal 6138 comments · 16 Years

It's news reports like these that makes me wish that Apple gets back in the router business.  I've owned every brand of consumer router made and they were all garbage.  From hardware instabilities requiring a monthly reboot, to software vulnerabilities, and downright failures every six months.  They were trash.  I own sever multi-unit apartment buildings and provide Internet access to each one as a courtesy.  Having routers fail every few months, or get unstable every few weeks was frustrating.

A friend recommended I try an Apple Extreme.  Out of desperation I tried one and after a couple months of testing in one unit, it was love from that point forward.  I purchased a bunch of them to replace all the Chinese crap and in 10 years since having them installed, have never had one fail or act strangely.  It broke my heart when I heard Apple was getting out of that business.

Eventually, I read a report that many of those crap routers (Netgear, Linksys, D-link) were all failing due to the companies going the cheap route and transitioned from quality Japanese capacitors to the crappy, cheap Chinese-made capacitors and just like most things coming out of that country, was complete junk.  Apparently, many of those companies abandoned them and went back to more reliable capacitor from Japan.