Wireless routers are common in the typical home and are becoming more so every year. While wireless networks can be convenient and provide many benefits they also have the potential to be insecure and vulnerable. Statistics show that a large percentage of wireless routers use weak or no encryption and many wireless routers still use their default password. This research analyzed the security of wireless routers, specifically the security of a standard Linksys wireless router. The research focused on CSRF attacks and the possibility for an attacker to modify a wireless router through such attacks. The results of the research were significant. Proof of concept code is provided that demonstrates a variety of different types of attacks that enable an attacker to modify a wireless router in order to gain complete and persistent control of the device.


Web Application Security, CSRF, Cross-Site Request Forgery, Linksys, Wireless Routers

Date of this Version



Information Security

Department Head

Eugene Spafford

Month of Graduation


Year of Graduation



Master of Science

Head of Graduate Program

Eugene Spafford

Advisor 1 or Chair of Committee

Melissa J. Dark

Advisor 2

Anthony H. Smith

Committee Member 1

Phillip T. Rawles

Committee Member 2

Eugene H. Spafford