CVE-2019-16920 allows remote unauthenticated attackers to execute code on a target device.
We reviewed 28 popular home routers for basic hardening features. None performed well. Oh, and we found a bug in the Linux/MIPS architecture.
Nation-sponsored Slingshot is one of the most advanced attack platforms ever.
Comcast has just been caught in a major security snafu: revealing the passwords of its customers' Xfinity-provided wireless routers in plaintext on the web. Anyone with a subscriber's account number and street number will be served up the wi-fi name and password via the company's Xfinity internet a…
This attack is determined by the particular router model that is detected during the reconnaissance phase. If there is no known exploit, the attack will attempt to use default credentials; otherwise, it will use known exploits to modify the DNS entries in the router and, when possible (observed for 36 fingerprints out of the 129 available), it will try to make administration ports available from external addresses. In this way, it will expose the router to additional attacks like those performed by the Mirai botnets.
Malicious ads are serving exploit code to infect routers, instead of browsers, in order to insert ads in every site users are visiting.
[...]
The way this entire operation works is by crooks buying ads on legitimate websites. The attackers insert malicious JavaScript in these ads, which use a WebRTC request to a Mozilla STUN server to determine the user's local IP address.
[...]
Researchers say they've seen attackers open administration ports for 36 routers of the list of 166 router fingerprints.
At least two Netgear routers, the R6400 and R7000, are vulnerable to a command injection flaw that is easy to exploit and could lead to the total takeover of the routers. This was disclosed yesterday, December 9th, and there has, as yet, been no response from Netgear.
RouterCheck is a system for ensuring the well-being of your router and home network. It addresses the new threats posed by hackers.