Nine WiFi Routers Used by Millions Were Vulnerable to 226 Flaws

According to Bleeping Computer, "security researchers analyzed nine popular WiFi routers and found a total of 226 potential vulnerabilities in them." The tested routers are made by many companies and are used by millions of people. The security tests were carried out in collaboration with the researchers at the Internet of Things Inspector. The current models of the routers were upgraded to the latest version for the evaluation, according to Lukavsky. More than 5,000 security issues were checked for by the internet inspector. The team found a number of problems that affected most of the models, including outdated Linux kernels in the firmware, outdated multimedia and VPN functions, and over-reliance on older versions of BusyBox.

All of the affected manufacturers released patches.

_
One of the exploits that the researchers found on one of the routers allowed malicious image updates to pass verification checks on the device, which could potentially have led to the creation of malicious software on the device.

The same study from Security Week states that not all of the identified weaknesses are considered real security flaws, and for some bugs it is unclear whether exploitation is even possible. Many of the identified vulnerabilities were classified as high- and medium-severity.