text.skipToContent text.skipToNavigation

Linksys GT

Linksys Logo

COORDINATED VULNERABILITY
DISCLOSURE PROGRAM

Linksys places a high value on security of its networking products. For many people, their home Wi-Fi router is the only barrier between their home network and a multitude of hostile internet threats intent on taking over their devices.

To protect our user’s privacy and security, Linksys is happy to accept all vulnerability reports that adhere to our coordinated vulnerability disclosure guidelines.

In Scope

  • Linksys routers, range extenders, Wi-Fi dongles, switches, and other networked devices

 

 

Not In Scope

Any services or systems that are hosted by third party providers or Linksys owned property, services be it physical or intellectual. This includes and is may not only limited to:

  • Linksys.com web endpoints
  • Linksys Smart Wi-Fi web and cloud endpoints
  • Social Engineering and Phishing attacks against Linksys employees, contractors, customers, or support

 

 

How To Submit

PLEASE READ THE ENTIRE PAGE PRIOR TO SUBMITTING A VULNERABILITY.

If you need help finding your Wi-Fi password or believe your router has been hacked, please contact Technical support here.

Please click here to submit your vulnerability.

 

 

DISCLOSURE

After receiving your vulnerability report, the Linksys security team will review your report and commission a fix to our remediation team. After Linksys publishes the fix for the affected SKUs listed in your report, Linksys will give the green light to disclose the vulnerability.

We ask that all coordinated vulnerability disclosures contain the following information:

  • A link to the firmware download page containing the fixed firmware
  • A sentence or two in either the title of the disclosure or in the first few paragraphs confirming that a fix for the vulnerability is available
  • Accurate representation of the attack details per the CVSSv3 guidelines (LAN-only attacks are “Local” not “Remote”, etc.)