WiMAX routers manufactured by several companies, including Huawei and ZyXEL, are vulnerable to an authentication bypass and potential backdoors.

ASUS updated the firmware in March of a number of its RT routers to address vulnerabilities found within the device’s native web interface.

A researcher disclosed vulnerabilities in TP-Link C2 and C20i routers that allow for remote code execution and denial-of-service attacks with authentication.

Mike Mimoso and Chris Brook recap the news of the week, including a Microsoft SMB zero day, the latest Netgear router vulnerability, and a new HTTPS milestone.

Command injection vulnerabilities and accessible default admin credentials in home routers distributed by Thailand’s largest broadband provider remain unpatched despite private disclosures to the vendors last July.

Netgear has built beta firmware updates for its Nighthawk routers vulnerable to a command injection attack disclosed last week.

Routers manufactured by Quanta are riddled with critical vulnerabilities–backdoors, a hardcoded SSH key, and remote code execution flaws, to name a few–that won’t be patched because the company considers the product end of life. Researcher Pierre Kim found the flaws and reasons that the flaws are due to incompetence, or at worst, calls them “a deliberate act...