Linksys Velop routers send Wi-Fi passwords in plaintext to US servers


According to Testaankoop, the Belgian equivalent of the Consumers’ Association, two types of Linksys routers are sending Wi-Fi login details in plaintext to Amazon (AWS) servers.

This discovery involves the Linksys Velop Pro 6E and Velop Pro 7 mesh routers.

During routine installation checks, Testaankoop detected several data packets being transmitted to an AWS server in the US. These packets included the configured SSID name and password in clear text, identification tokens for the network within a broader database, and an access token for a user session, potentially paving the way for a man-in-the-middle (MITM) attack.

An MITM attack is a security breach in which an attacker intercepts the communication between your Linksys router and the Amazon server without either party’s knowledge. In this context, it means the attacker could capture your Wi-Fi network name (SSID) and password as they are transmitted in plaintext, allowing them to read or alter these sensitive details and potentially gain unauthorized access to your network.

The consumer organization conducted these tests using the latest firmware available at the time. Despite warning Linksys in November, no effective measures have been taken.

More in the article.
 
Very little info there, would be good to know if it's actually plain text or if they mean they did an MITM thing with the TLS to see what was happening inside an HTTPS POST or whatever. Let's see the packet captures.
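The question raised above, whether the credentials are readable on the wire or only after intercepting TLS, can be checked against payloads captured from your own router. The sketch below is an added example, not part of the thread or the article. The SSID, passphrase, and both payloads are constructed, and the function names are hypothetical.

```python
import struct

# Constructed sample values: substitute your own network's SSID and passphrase.
SECRETS = {"ssid": "ExampleNet", "passphrase": "correct-horse-battery"}
HTTP_METHODS = {b"GET", b"POST", b"PUT", b"PATCH", b"DELETE", b"HEAD", b"OPTIONS"}
TLS_CONTENT_TYPES = {20, 21, 22, 23}  # change_cipher_spec, alert, handshake, application_data

def looks_like_tls_record(payload: bytes) -> bool:
    """True if the payload starts with a plausible TLS record header."""
    if len(payload) < 5:
        return False
    ctype, major, minor, length = struct.unpack("!BBBH", payload[:5])
    return ctype in TLS_CONTENT_TYPES and major == 3 and minor <= 4 and 0 < length <= 2**14 + 2048

def classify_payload(payload: bytes, secrets: dict) -> dict:
    """Label one TCP payload and list which of your own secrets appear in it verbatim."""
    exposed = sorted(name for name, value in secrets.items() if value.encode() in payload)
    if looks_like_tls_record(payload):
        transport = "tls"
    elif payload.split(b" ", 1)[0] in HTTP_METHODS:
        transport = "cleartext-http"
    else:
        transport = "unknown"
    return {"transport": transport, "exposed": exposed}

# Constructed payloads (not the router's real message format).
SAMPLE_HTTP = (b"POST /example HTTP/1.1\r\nHost: cloud.example\r\n"
               b"Content-Type: application/json\r\n\r\n"
               b'{"ssid": "ExampleNet", "passphrase": "correct-horse-battery"}')
SAMPLE_TLS = b"\x17\x03\x03\x00\x20" + bytes(range(32))  # application_data record, 32 opaque bytes

if __name__ == "__main__":
    for label, payload in (("http", SAMPLE_HTTP), ("tls", SAMPLE_TLS)):
        print(label, classify_payload(payload, SECRETS))
```

If the secrets appear only at a TLS-intercepting proxy while the on-wire payload classifies as `tls`, the credentials are exposed to the server endpoint rather than to a passive observer on the network path.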
 