Popular Linksys Router Vulnerable to Attack | eWeek

Popular Linksys Router Vulnerable to Attack

Written By
Dennis Fisher
Dennis Fisher
Nov 1, 2002
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

A denial-of-service vulnerability in one of the most popular cable and DSL routers allows an attacker to crash the router from a remote location.

The Linksys Group Inc.s BEFSR41 EtherFast Cable/DSL Router with 4-Port Switch is vulnerable to a remote DoS attack that requires the attacker to do nothing more than access a specific script on the routers remote management interface. The vulnerability affects all of the routers with firmware versions earlier than 1.42.7.

There is no patch available for the problem at this point, but firmaware version 1.43 fixes the problem.

In order to exploit the vulnerability, an attacker would simply need to access the Gozilla.cgi script using the routers IP address with no arguments. As long as the routers remote management interface is enabled, the attacker simply needs to craft a URL that looks like this—http://192.168.1.1/Gozilla.cgi?—and send it to the router, which would then crash, according to an advisory published Friday by iDefense Inc., a security firm based in Chantilly, Va.

“Exploitation may be particularly dangerous, especially if the routers remote management capability is enabled,” the advisory said. “An attacker can trivially crash the router by directing the URL…to its external interface.”

In many cases, there is no reason for the remote management interface to be enabled and disabling it serves as an easy defense against this problem.

Linksys officials on Wednesday responded to the vulnerability report, saying that they were aware of the problem and recommend that all users leave the remote management interface disabled, which is the default setting.

Linksys routers are used by many home workers to split broadband connections among several computers.

A message on a security mailing list Friday from Mark Litchfield of Next Generation Security Software Ltd. suggested that routers and wireless access points from D-Link Systems Inc., and Linksys access points are also vulnerable to a DoS condition.

(Editors Note: This story has been updated since its original posting to include Linksys response.)

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.