Discover 87 dangerous security vulnerabilities in routers during 2021

Network routers are essential for wireless networking (Wi-Fi), and millions of new routers are being added to homes and workplaces around the world every day.

According to an analytical study conducted by Kaspersky, more than 500 security vulnerabilities were discovered in routers in 2021, including 87 critical vulnerabilities.

The threats posed by these vulnerable devices affect both homes and organizations, and their dangers extend beyond email penetration into the physical security of homes. However, users rarely consider the security of their devices, as 73% of users have never considered upgrading or securing their router, according to the study, which makes it one of the biggest threats posed by IoT devices in the facing.

The router is the hub of the home network through which all smart home devices can access the internet and exchange data, and therefore its infection can enable cybercriminals to access the network and malicious software on computers and phones connected to it install to steal sensitive data, photos and work files, which can cause irreparable damage. Scams by an infected router can also lead users to phishing pages that disguise themselves as webmail or frequently used banking sites, ie any data that users enter on these pages, be it login data to email accounts, bank accounts or card details. Banking, you will immediately fall into the hands of fraudsters.

Since 2010, the number of security vulnerabilities in routers has been steadily rising. In 2020, the number of vulnerabilities discovered increased to 603, about 3 times more than the vulnerabilities discovered in the previous year. The number remained high in 2021 with 506 vulnerabilities, of which 87 were dangerous.

A vulnerability is considered dangerous if it is completely unprotected and allows an attacker to penetrate a home or corporate network.

These vulnerabilities could allow an attacker to bypass the authentication mechanism, send commands to the remote router, or even disable it.

Attackers can then steal any data or files sent over an infected network, be it photos, personal information or any important files and documents sent via email.

Number of vulnerabilities in routers (2010 – May 2022)

Routers remain among the most dangerous devices, although researchers are becoming increasingly aware of the vulnerabilities found. One of the reasons for the high risks associated with these devices is the unwillingness of some producers to get rid of the discovered vulnerabilities, to the point that almost a third of the dangerous vulnerabilities discovered in 2021 still received no response of producers who did not. does not take the initiative to issue any software patch or even a statement that includes a Recommendation that users should make, whereas in 26% of these vulnerabilities, manufacturers have only issued statements that often include recommendations for users to provide technical support to contact.

Neither users nor small businesses have the experience or resources to identify or understand threats before it is too late, despite the increased activity of attackers, so ignoring router upgrade or security by 73% of users has one has become one of the biggest threats affecting the internet. of Things today. It becomes even more dangerous when routers are used in sensitive environments such as hospitals or government facilities, where data leaks have worse impacts.

Maria Namestnikova, head of Russia’s global research and analysis team at Kaspersky, said the level of digital security had not kept pace with the speed with which technology was entering the lives of individuals, pointing out that many employees of their homes the past two years, but the security of routers did not improve during that period, and still does not occur, except in rare cases. “The risk that cybercriminals will exploit router vulnerabilities remains a concern in 2022, so it’s important to avoid the threat at the earliest opportunity, as people usually discover that an attack occurred when it’s too late and for example money steal, “he added.

Maria advised users when buying the router to pay attention to network security as they pay attention to high data transfer speed and good prices.Data and money.


Kaspersky recommends that users take the following measures to protect routers from cybercrime attacks:

Purchasing used smart devices is an unsafe practice, as previous owners may “modify” their firmware to give them the ability to remotely control it in the buyer’s home via a compromised router.

• The need to change the default password that comes with the router, and make sure you choose a complex one and change it regularly.

• Refrain from sharing serial numbers, IP addresses, or other sensitive information related to smart devices on social networks.

• Use of WPA2 encryption as the most secure data transfer.

• Disables the ability to remotely access the router settings, and if this feature is required, it should be disabled when not in use.

• For added security, the user can specify a static IP address and disable DHCP, as well as protect the wireless internet by using a medium access control (MAC) address filter.

These procedures require a lengthy and complex process of manually adjusting the settings of many devices connected to the router, but it will be difficult for cybercriminals to infiltrate the network.

• Always check the latest information on router vulnerabilities, software updates, and fixes released by developers, and install them in a timely manner.

• Make sure that a special security solution is installed that helps protect the home network and all connected devices.

Leave a Comment