Popular WiFi routers with many security vulnerabilities

Security researchers analyzed nine popular WiFi routers and discovered a total of 226 vulnerabilities, even when running the latest firmware.

The routers they tested are manufactured by Asus, AVM, D-Link, , Edimax, TP-Link, Synology and Linksys and are used by millions of people.router, iguru, popular router, security vulnerabilities

The devices with the highest number of vulnerabilities are the TP-Link Archer AX6000, with 32 defects, and the Synology RT-2600ac, which has 30 security vulnerabilities.

The testing process

IoT Inspector researchers conducted the tests in collaboration with CHIP magazine, focusing on models mainly used by small and home users.

"For the evaluation of the Chip, the magazine provided all the current models, which were upgraded to the latest firmware version," said Florian Lukavsky, CTO and founder of the IoT Inspector, at BleepingComputer.

"The routers were automatically analyzed by the IoT Inspector and checked for more than 5.000 CVEs and other security issues."

Their findings show that many of the routers are still vulnerable to vulnerabilities that have been publicly disclosed, even with the latest firmware as shown in the table below.
routers table

Although not all defects carry the same risk, the team found some common problems that affected most models:

  • Outdated Linux kernel in firmware
  • Outdated multimedia and VPN functions
  • Excessive reliance on older versions of BusyBox
  • Use weak default passwords such as "admin"
  • Presence of credentials in plain text

Jan Wendenburg, CEO of IoT Inspector, noted that one of the most important ways to secure a router is to change the default access when you first set up the device.

“Changing passwords during first use and activating it of updating should be common practice across all IoT devices, whether the device is used at home or on a corporate network.”

The researchers did not publish much technical details about their findings, except in one case involving the extraction of the encryption key for D-Link router firmware.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.
router, iguru, popular router, security vulnerabilities

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).