http://securityevaluators.com//content/case-studies/routers/soho_router_hacks.jsp
We define a critical security vulnerability in a router as one that allows a remote attacker to take full control of the router’s configuration settings, or one that allows a local attacker to bypass authentication and take control. This control allows an attacker to intercept and modify network traffic as it enters and leaves the network.
- All 13 routers evaluated can be taken over from the local network
- 4 of these attacks require no active management session.
- 11 of 13 routers evaluated can be taken over from the WAN
- 2 of these attacks require no active management session.
***Read article at University of Wales, Newport***