By default, Linksys routers install with a default password. The administrative account has a password of admin which is publicly known and documented. This allows attackers to trivially access the program or system.

1. Linksys - DSL
Method: Telnet
Password: admin
Level: Admin

2. Linksys - WAP Router
Version 4 Port, 2.4GHz
Method: HTTP
User ID: (blank)
Password: admin
Level: Administrator

3. Linksys - ADSL Router
Version 2700v
User ID: (none)
Password: epicrouter
Level: Administrator

4. Linksys - Wireless Router
Version WRT54G
User ID: (none)
Password: admin
Level: Administrator

5. Linksys - WET11
User ID: (none)
Password: admin
Level: Administrator

6. Linksys - WET54G
User ID: (none)
Password: admin
Level: Administrator

7. Linksys - WAP11
User ID: admin
Password: admin
Level: Administrator

8. Linksys - BEFW11S4
User ID: (none)
Password: admin
Level: Administrator

9. Linksys - WAG54G
User ID: admin
Password: admin
Level: Administrator

10. Linksys - WCG200
User ID: (none)
Password: admin
Level: Administrator

11. Linksys - SRW224
User ID: admin
Password: (blank)
Level: Administrator
Notes: Default management URL: http://192.168.1.254

12. Linksys - PSUS4
User ID: admin
Password: admin
Level: Administrator
Notes: Print Server for USB with 4-Port Switch

13. Linksys - WAP54G
User ID: (blank)
Password: admin
Level: Administrator
Notes: Default IP is 192.168.1.245

14. Linksys - WRT54GL
User ID: admin
Password: admin
Level: Administrator

Immediately after installation, change all default install passwords to a unique and secure password. When possible, change default accounts to custom names as well.

• Generic Informational URL: http://www.cirt.net/cgi-bin/passwd.pl?method=showven&ven=Linksys

Unknown or Incomplete

We currently have no CVSS2 data on this vulnerability. Feel free to suggest it.