Today I scanned my router with routersploit. The scan ended and showed one vulnerability: eseries_themoon_rce.

I searched the internet and found that this is a vulnerability in Linksys E-Series routers. But I am not on linksys at all. And I didn’t find anything about getting rid of it.

I’m wondering if someone knows how to make this vulnerability eliminate?

  • some_guy@lemmy.sdf.org
    link
    fedilink
    arrow-up
    7
    ·
    5 months ago

    You might also be able to replace the firmware with something like DD-WRT or OpenWRT or Tomato or other third-party firmware.

    • u/lukmly013 💾 (lemmy.sdf.org)@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      3
      ·
      5 months ago

      Good idea.

      You can still get the newest DD-WRT builds even on the WRT54G.
      That is a Wi-Fi router from 2002.

      Of course, the features are sort of limited. I tried the VPN build (on WRT54GL), but I couldn’t get the OpenVPN client to connect. I found some thread mentioning it may be missing something, but I don’t know if that’s the issue.

      Anyway, without overclocking I’d expect like 2Mbps. I mean, it barely handles HTTPS. Just trying to load the WebUI maxes out the CPU for several seconds if trying to use HTTPS.
      Perhaps it’s not missing anything software-wise, but it’s just so slow it times out during handshake.
      So I just put the std build on it in case it will be useful at some point.