Over 25,000 Linksys Smart Wi-Fi routers kept info on who connected to them and are now leaking this

Using data provided by BinaryEdge, our scans have found 25,617 Linksys Smart Wi-Fi routers are currently leaking sensitive information to the public internet, including:

    • MAC address of every device that’s ever connected to it (full historical record, not just active devices)
    • Device name (such as “TROY-PC” or “Mat’s MacBook Pro”)
    • Operating system (such as “Windows 7” or “Android”)

In some cases additional metadata is logged such as device type, manufacturer, model number, and description – as seen in the example below.

Example metadata leaking by Linksys Smart Wi-Fi routers

Other sensitive information about the router such as the WAN settings, firewall status, firmware update settings, and DDNS settings are also leaked publicly.

Source: Over 25,000 Linksys Smart Wi-Fi routers vulnerable to sensitive information disclosure flaw – Bad Packets Report