During installation, the router sent several data packets to an Amazon server in the US. These packets contained the configured SSID name and password in clear text, as well as some identification tokens for this network within a broader database and an access token for a user session that could potentially enable a MITM attack.

Linksys has refused to acknowledge/respond to the issue.

  • Admiral Patrick@dubvee.org
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    4 months ago

    I use enterprise gear, but not the original software for it (and sometimes, not even the original purpose). I get it all second hand, and the subscription / licensing is usually non active. I think the only gear I used with the original OS was my Brocade fibre channel switch.

    My current router is former Barracuda Load Balancer 340 now running OpenWRT. Cost me $45 and handles everything I need to throw at it and more.