
Some Linksys routers send login credentials to US based server in plaintext

Testaankoop: Some Linksys routers send login credentials to US based server in plaintext

According to the Belgian consumer organization Testaankoop, the Velop Pro WiFi 6E and 7 mesh routers from the Linksys brand have been experiencing security problems for more than six months.
The routers would send plaintext login credentials to a server in the US during installation.

According to Testaankoop, this concerns the Linksys Velop Pro WiFi 6E, the MX6201-KE and MX6203-KE versions, and the Linksys Velop Pro 7.
According to the consumer organization, both mesh router systems send 'the configured SSID name and password' in plaintext during the installation process to an Amazon server in the US.
They would also send identification tokens and a user session access token, which would enable a man-in-the-middle attack. In such an attack, the connection between the router and a server is intercepted, which could result in data being stolen.

Testaankoop claims to have informed Linksys about the vulnerability several times: for the first time in November 2023 and recently after the release of a firmware update.
Despite the reports, the problem is not solved, even after the firmware update.


 
Co-pilot/recall anyone? Cisco should be ashamed, blow this up on YouTube, Cisco/Linksys social media pages
 
This isn't an overlooked flaw, this was intentional.

1) The SSID and Password, and session tokens are sent to a specific Amazon server
2) Sent in plain text, so unless the device/chipset stores this information as plaintext in memory it had to be decrypted.

Sounds like devices are being used to snoop on customers, I wonder (NSA and five eyes) who could be responsible. Although made in China......
 
This isn't an overlooked flaw, this was intentional.
Agreed. There's no reason for it. They could have at least encrypted it with their secret key or something. Wouldn't make it any safer for who they sell it to, but at least it would restrict access to people in the middle who weren't intended to get the info for free.
 
I mean, what good are credentials if you just keep them to yourself?
 
Co-pilot/recall anyone? Cisco should be ashamed, blow this up on YouTube, Cisco/Linksys social media pages
Cisco hasn't had any involvement with Linksys for over a decade man.

It's presently owned by Foxconn.
 
Cisco hasn't had any involvement with Linksys for over a decade man.

It's presently owned by Foxconn.
Yeah, haven't used Linksys in nearly 2 decades, when they were bought by Cisco and the abysmal performing wrt-54gs rev 5 routers in the mid 2000s.

Foxconn...

The same company people were trying to commit suicide from, the primary CRAPple OEM
 
BTW Linksys is one of the least receptive companies to deal with. I beta tested for them (I'm way past NDA date so I am able to post this) and they handled the last beta program I was in with them badly. Kept closing threads after people tried to help fellow testers, and then deleting the other people's replies and barely providing new firmware for testers and overall being crap, so this kinda thing does not surprise me.

And get this: the only firmware update we had was 1 day before they closed the test!
 
Cisco hasn't had any involvement with Linksys for over a decade man.

It's presently owned by Foxconn.
Shame. Regardless of Foxconn's associated-controversies, I've always viewed them as a 'quality' ODM/OEM provider.

Given the current scenario in world (political-technological) affairs, I'd point the finger @ Foxconn's own motivations and/or CCP.
 
Shame. Regardless of Foxconn's associated-controversies, I've always viewed them as a 'quality' ODM/OEM provider.

Given the current scenario in world (political-technological) affairs, I'd point the finger @ Foxconn's own motivations and/or CCP.
When I tested for them they were owned by Belkin.
 