Linksys E1200 Authorization Bypass
Posted on 30 November -0001
<HTML><HEAD><TITLE>Linksys E1200 Authorization Bypass</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY> Linksys E1200 hardware version 2.2 and firmware version 2.0.07 (build 2) suffer from missing authorization control on parental control page. This allows an attacker to change the parental controls set up by parents to keep kids safe from visiting adult sites and probably compromise a kids device. Info at http://www.samuelhuntley.com/?p=132 http://www.samuelhuntley.com/?p=143 Initial disclosure date: 04/12/16 Fixed date as per Linksys contact: 7/4/16 Linksys contact: Benjamin Samuels, Calvin Clark (security@linksys.com) </BODY></HTML>