Linksys CherryBlossom Advisory

Advisory Date:  6/21/17

Linksys is aware of the CherryBlossom project that was recently released by WikiLeaks’ Vault 7 publication.  Based on the WikiLeaks report customized firmware was created for certain older Linksys routers without our knowledge or consent for the purposes of monitoring, controlling, and manipulating internet traffic of a "targeted" user. 
This customized firmware can be loaded onto a router using one of the following methods:
  • physical access to the router
  • proximity access to the router via Wi-Fi
  • intercepting the device in transit to be delivered to a user

If users believe their router firmware may have been compromised, Linksys recommends that users download the latest available firmware from and update your router. 
After the update, please perform a factory reset to ensure no remnants of the compromise remain.  Instructions on how to do a factory reset can be found here.  If users are not able to perform a firmware update or receive an error message during the update, please contact customer support for further instructions. 
We would also like to recommend the following changes after the factory reset is complete to further secure the router:
  • Set a strong admin password (one that includes capital letters, numbers, special characters, and a password length of at least 8 characters)
  • Disable Guest Access if it is not in use
  • Disable router features (like WPS and UPnP®) if they are not being used

    Potentially Affected Products

    Linksys WRT300N*
    Linksys WRT320N*
    Linksys WRT54G*
    Linksys WRT54GL
    Linksys BEFW11S4*
    Linksys WAP11*
    Linksys WAP51AB*
    Linksys WAP54G*
    Linksys WAP55AG*
    Linksys WCG200*
    Linksys WET54G*
    Linksys WET54GS5*
    Linksys WGA11B*
    Linksys WGA54G*
    Linksys WMA11B*
    Linksys WMLS11B*
    Linksys WPG12*
    Linksys WPG54G*
    Linksys WPS11*
    Linksys WPS54GU2*
    Linksys WRE54G*
    Linksys WRT54G*
    Linksys WRT54GP2*
    Linksys WRT54GS*
    Linksys WRT55AG*
    Linksys WRV54G*
    Linksys WVC11B*
    Linksys WVC54G*

*These product models are no longer being sold by Linksys and have not been sold since August 2013 or earlier.

Was this support article useful?

Additional Support Questions?
Search Again