Security News > 2020 > July > Report: Most Popular Home Routers Have ‘Critical’ Flaws
A security review of 127 popular home routers found most contained at least one critical security flaw, according to researchers.
On average, the routers analyzed-by vendors such as D-Link, Netgear, ASUS, Linksys, TP-Link and Zyxel-were affected by 53 critical-rated vulnerabilities, with even the most "Secure" device of the bunch having 21 CVEs, according to the report.
Researchers examined the routers based on several key aspects: device updates, version of operating system and any known critical vulnerabilities affecting them; exploit mitigation techniques by vendors and how often they activate them; the existence of private cryptographic key material in the router's firmware; and the existence of hard-coded login credentials.
"Much more effort is needed to make home routers as secure as current desktop or server systems."
Among the routers examined, those from D-Link, Linksys, TP-Linkand Zyxel fared the worst in terms of how well common security aspects were addressed out of the box, according to the report.
News URL
https://threatpost.com/report-most-popular-home-routers-have-critical-flaws/157346/
Related news
- SOCI Act 2024: Thales Report Reveals Critical Infrastructure Breaches in Australia (source)
- CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports (source)
- Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) (source)
- Zyxel warns of critical OS command injection flaw in routers (source)
- Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers (source)
- D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers (source)
- DrayTek fixed critical flaws in over 700,000 exposed routers (source)