Zero-Day Bugs In Numerous Modems/Routers Could Compromise Millions of Users

An anonymous reader writes: Researchers have discovered a large number of zero-day flaws in 8 routers/modems from 4 manufacturers (ZTE, Huawei, Gemtek, Quanta) that would allow attackers to build a huge botnet by leveraging just a few exploits. Vulnerabilities include remote code execution, firmware rewrites, XSS, and CSRF. All these allow attackers to intercept both HTTP and HTTPS Web traffic, infect computers beyond the modem, intercept SMS messages, and detect the modem's geographical location. After six months, manufacturers have failed to fix the issues.

Openwrt

[JonathanP.Bennett]

This is why the ability to install secure and Open Source firmware like OpenWrt is so important.
https://openwrt.org/

Re:Openwrt

Buy a new router. Routers which are supported by the latest OpenWRT release can be bought for less than $20. You don't need a fancy gigabit router on the edge of your home network. I would tell you what to get and where and how much it actually costs, but Google won't let me search US shops, because apparently a search engine should under no circumstances let me search anything outside my area. Fuck this, the internet is dead. Why have a router when the internet is like this. What we need are VPN gateways to some sane place. But if you want a cheap router that works fine with the latest OpenWRT (support for multiple SSIDs, client and AP at the same time, VLAN tagging on the ethernet switch, etc.), search for "tp-link tl-wr841n".