Researchers take over Linksys router with simple JavaScript

A pair of researchers at last week’s Black Hat conference demonstrated how a simple JavaScript app could be used to compromise a wireless router with little to no user interaction.

Network devices – such as routers, switches, printers and firewalls – can be hijacked to give a remote attacker full control of the network, Phil Purviance and Joshua Brashars, senior security consultants at AppSec Consulting, said during their presentation on Thursday. The attack method relied on JavaScript and cross-site request forgery, they said.