Linksys MX4200
- 1.0.13.210200
A vulnerability exists in the Linksys MX4200 router, specifically in firmware version 1.0.13.210200, due to an improperly configured firewall rule. This misconfiguration allows the router to accept incoming connections on the WAN port from source port 5222, thereby exposing all services that are typically accessible only through the local network. The issue could potentially affect other Linksys models as well.
Exploitation of this vulnerability exposes local services to the internet, creating a potential entry point for unauthorized access or attacks. This is particularly concerning in light of other reported vulnerabilities that could lead to OS command injection over the internet.
The vulnerability can be reproduced by sending a TCP packet from source port 5222 to the WAN port of the router. This can be done using a socket connection, binding the source port to 5222. Once the packet is accepted, any service listening on the router can be accessed from the internet.
Users are advised to upgrade to firmware version 1.0.13.216602 to address this vulnerability.
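A defensive check for this class of misconfiguration, as an added example that is not from the advisory or from Linksys: it scans an iptables-save-style ruleset for INPUT rules that accept WAN traffic on the basis of source port alone. The ruleset format, the WAN interface name `eth0` and the sample rules are assumptions constructed for illustration; the advisory does not publish the router's actual rule.

```python
import shlex

# Constructed sample in iptables-save format (assumption: not the router's real ruleset).
SAMPLE_RULES = """\
*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 5222 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 5222 -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -i br0 -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
"""

ALIASES = {"--source-port": "--sport", "--destination-port": "--dport",
           "--state": "--ctstate", "--in-interface": "-i", "--jump": "-j"}

def parse_rule(line):
    """Map each option in one rule line to (value, negated)."""
    tokens = shlex.split(line)
    opts = {}
    for i, tok in enumerate(tokens[:-1]):
        if tok.startswith("-"):
            negated = i > 0 and tokens[i - 1] == "!"
            opts[ALIASES.get(tok, tok)] = (tokens[i + 1], negated)
    return opts

def source_port_trust_rules(ruleset, wan_if):
    """Return INPUT ACCEPT rules that trust a source port on WAN-reachable traffic."""
    findings = []
    for line in ruleset.splitlines():
        if not line.startswith("-A INPUT "):
            continue
        opts = parse_rule(line)
        target, _ = opts.get("-j", ("", False))
        sport, sport_neg = opts.get("--sport", (None, False))
        iface, iface_neg = opts.get("-i", (None, False))
        states, state_neg = opts.get("--ctstate", ("", False))
        if target != "ACCEPT" or sport is None or sport_neg:
            continue
        # WAN traffic is matched if the rule names the WAN interface or no interface.
        on_wan = iface is None or (iface == wan_if) != iface_neg
        # Acceptable only when limited to replies to connections already tracked.
        reply_only = (bool(states) and not state_neg
                      and set(states.split(",")) <= {"ESTABLISHED", "RELATED"})
        if on_wan and not reply_only:
            findings.append({"rule": line, "sport": sport, "all_ports": "--dport" not in opts})
    return findings
```

A finding with `all_ports` set means the rule places no limit on the destination port, which is the condition the advisory describes as exposing every listening service.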