The vulnerability is located in a CGI script that is part of the administration interface. There are many Linksys systems that are potentially vulnerable, including E4200, E3200, E3000, E2500, E2100L, E2000, E1550, E1500, E1200, E1000, E900, E300, WAG320N, WAP300N, WAP610N, WES610N, WET610N, WRT610N, WRT600N, WRT400N, WRT320N, WRT160N and WRT150N.
Recommendations
Linksys published a technical article on its website with instructions on how to install the latest firmware version and disable remote management on affected devices.