Linksys warns for a tool developed by the CIA, called Cherry Blossom, which can be used to install malcious firmware on routers. The existence of the tool was revealed by whistleblower website Wikileaks.
On the list of routers that can be attacked with Cherry Blossom are several Linksys models. The company writes in an security advisory that the modified firmware from the CIA can be installed in several ways. Through physical access to the router, through Wifi access and by intercepting the router in transit before it’s delivered to the end-user.
Users who fear that their firmware has been compromised are advised to install the latest firmware update. After that, a factory reset has to be performed to before there is no left-over code on the router. Linksys also advises to use a strong administrator password, to disable guest access, WPS and uPnP if they are not used.
In total 28 Linksys are vulnerable to the Cherry Blossom tool.