Researchers from IoT Inspector recently discovered a total of 226 potential vulnerabilities in nine well-known Wi-Fi routers.
Affected routers include routers from Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology, and Linksys. Although most routers use the latest firmware, many of the routers are still reported to have vulnerabilities that have been publicly disclosed.
The researchers also discovered some common vulnerabilities in the routers. These include obsolete Linux kernel in the firmware, obsolete multimedia and VPN functions, over-reliance on older versions of the BusyBox, the use of weak default passwords such as “admin,” the presence of hardcoded credentials in plain text form.
Immediately after the report was published, the manufacturers of the affected routers took decisive steps and released firmware patches to address the situation. Users of one of the models are therefore recommended to apply the available security updates, enable “automatic updates,” and finally change their default password to a strong and unique one.