Over 100 Wi-Fi routers fail major security test — protect yourself now – Tom’s Guide

Almost all home Wi-Fi routers tested in a mass study by Germany’s renowned Fraunhofer Institute had serious security vulnerabilities that could easily be fixed by router makers, a recently released report states.
“Nearly all were found to have security flaws, some of them very severe,” the Fraunhofer Institute said in a press release. “The problems range from missing security updates to easily decrypted, hard-coded passwords and known vulnerabilities that should have been patched long ago.” 
Using its own analytical software, the institute tested the most recently available firmware for 117 home Wi-Fi models currently sold in Europe, including routers from ASUS, D-Link, Linksys, Netgear, TP-Link, Zyxel and the small German brand AVM. The models themselves were not physically tested.
A full list of the tested models and firmware is on GitHub. The institute was not able to examine the firmware of 10 more models, mostly from Linksys. The report notes that many firmware updates are issued without fixing known flaws.
Because the study was begun in late March and examines the firmware available on March 27, it will not include the dozens of firmware hot fixes that Netgear issued in late June to correct a series of flaws. 
Meanwhile, Huawei routers were not examined because the company does not make its router firmware publicly available, and routers and gateways issued by ISPs were not examined because the ISPs outsource firmware development to many third parties.
It’s not like this is the first survey of its kind. A separate study of router security delivered a similarly dire report in December 2018, yet little improvement has been seen in the subsequent 18 months.
How can you protect your router?
So what can you do? You can make sure that the next router you buy automatically installs firmware updates. You can check to see whether your current router does so, or makes it fairly easy to install firmware updates manually.
You should also make sure that the administrative password for your router has been changed from the factory default password. (Check the list of default passwords at https://www.routerpasswords.com.) You should also check its administrative interface to make sure that UPnP and remote access are disabled. 
And if your router was first released more than 5 years ago, consider buying a newer model unless it meets all of the above criteria. (Here are our picks for best Wi-Fi router.)
Alternatively, you could try to “flash” your older router to run more secure open-source router firmware such as OpenWrt, DD-WRT or Tomato.
The bad, and the worse
AVM came out by far the best among the seven manufacturers examined, although it was not without flaws. ASUS and Netgear did not do well, but they were less terrible than D-Link, Linksys, TP-Link and Zyxel.
The flaws included out-of-date firmware (the D-Link DSL-321B Z had not been updated since 2014); out-of-date Linux kernels (the Linksys WRT54GL uses a kernel from 2002); failure to implement common security techniques (AVM did better than the rest here); secret private keys embedded in the firmware so anyone could find them (the Netgear R6800 had 13); and hard-coded administrative usernames and passwords allowing full device takeover (only ASUS had none). 
“There is no router without flaws, and there is no vendor who does a perfect job regarding all security aspects,” the Fraunhofer report concluded. “Much more effort is needed to make home routers as secure as current desktop or server systems.” 
The routers you really shouldn’t use
There are a few routers named in the study that you should definitely not use, even though it appears you still can buy them.
“The worst case regarding high severity CVEs

Click here to view the original article.