Security researchers have disclosed a critical zero-day vulnerability in firmware used by several major consumer router manufacturers, potentially affecting over 10 million devices worldwide. The flaw allows remote attackers to execute arbitrary code without authentication, enabling full control over affected routers and the networks they serve.
TP-Link, Netgear, and Asus have confirmed their devices are impacted and are working on firmware patches expected within the next 48 hours. In the interim, cybersecurity experts recommend disabling remote management features and enabling automatic firmware updates where available.
The discovery underscores the ongoing challenges of securing consumer networking equipment, which often runs outdated software and lacks the monitoring capabilities found in enterprise-grade hardware.
