127 Popular Home Routers Including D-Link, Netgear Affected With 53 Critical Security Vulnerabilities

A security study conducted by Germany’s Fraunhofer Institute for Communication, the popular home routers are affected by multiple critical security flaws. The Fraunhofer Institute for Communication concluded that they found 127 routers from major seven brands.

The security experts analyzed the firmware images from each examined router with associated vulnerabilities and exploits, and the conclusions continuing to be severe and annoying. Here, they used FKIE’s Firmware Analysis and Comparison Tool (FACT) to analyze the affected routers.

They also mentioned the name of the companies, and here they are mentioned below:-

  • AsusTek Computer Inc.
  • D-Link Crop.
  • Netgear Inc.
  • Linksys.
  • TP-Link Technologies Co. Ltd.
  • AVM Computersysteme Vertriebs GmbH.
  • Zyxel Communications Corp.

The routers were determined to be affected by nearly 53 critical-rated vulnerabilities, and the device that took the first place was also concerned “only” by 21 such CVEs. Out of the 127 routers, 46 routers had not received a single security update in the last year, while 22 had not acquired any in the previous two years. 

All the home routers that are based on different key features, like the device updates and the version of the operating system and any perceived critical vulnerabilities attacking them. 

Not only this, but the experts From ESET also exploited the mitigation methods that are used by vendors and how often they stimulate them; the presence of a single cryptographic key element in the router’s firmware; and the presence of hard-coded login credentials.

Routers Affected

There has been a total of 127 routers that are affected by multiple security flaws, and these routers are affected by nearly 53 critical-rated vulnerabilities that we have mentioned above. 

Some routes are effortlessly crackable, or even we can say that they carry well-known passwords that cannot be replaced by the user. On the other hand, 50 routers came with hardcoded admin information, which also consists of 16 with well-known or easy-to-guess login credentials.

The routers that have been detected in this operation, among them the D-Link, TP-Link, Linksys, and Zyxel are marked as the worst in courses of how well basic security features were approached out of the box. 

However, some brands appear to prioritize protection a bit more than others, and AVM International was the most beneficial in terms of all the security features, but there are still some of the company’s routers that carry the flaws. The researchers are trying to get a proper solution to this flaw and affirmed the users stay calm.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read:

XSS Flaw Impacting 100,000 WordPress Sites – Update Now!!

Top 10 Vulnerability Assessment and Penetration Testing (VAPT) Tools 2020

Zoom Suddenly Announced End-to-End Encryption for Free Users

Balaji N
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.