Skip to main content

Pretty much all Wi-Fi routers are vulnerable to attack, study finds

image of a the backside of a wireless router
(Image credit: deepblue4you)
Audio player loading…

In a shocking revelation, cybersecurity (opens in new tab) researchers have discovered over 200 bugs in Wi-Fi routers (opens in new tab) made by nine popular manufacturers, suggesting that millions of the most common devices around the world are vulnerable to attacks.

Researchers from IoT Inspector and CHIP examined devices from Asus (opens in new tab), AVM, D-Link, Netgear (opens in new tab), Edimax, TP-Link (opens in new tab), Synology, and Linksys, and found a total of 226 potential security vulnerabilities.

"The test negatively exceeded all expectations for secure home and small business routers. Not all vulnerabilities are equally critical - but at the time of the test, all devices showed significant security vulnerabilities that could make a hacker’s life much easier," said Florian Lukavsky, CTO of IoT Inspector.

TechRadar needs yo...

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window (opens in new tab) <<

The two devices with the most number of vulnerabilities were the The TP-Link Archer AX6000 with 32 vulnerabilities, and the Synology RT-2600ac (opens in new tab) with 30 vulnerabilities.

Greater accountability

According to the researchers, some of the security issues were detected across multiple devices, generally because of outdated software. They fathom that, since integrating a new kernel into the firmware is a costly affair, all of the tested routers were running dated versions of the Linux (opens in new tab) kernel.

Similarly, additional services, such as multimedia streaming or VPN (opens in new tab), were usually found to be powered by outdated software.

When contacted by the researchers, all of the manufacturers quickly responded by releasing firmware patches to resolve the issues. 

The researchers also used the opportunity to point out that the coalition agreement of the new German government seeks to hold manufacturers accountable for vulnerabilities in their products.

“This increases the pressure on the industry to continuously secure products in order to avoid immense claims for damages,” point out the researchers.

Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.