Routers and modems running on the firmware of the Taiwanese company Arcadyan were exposed to the CVE-2021-20090 vulnerability, The Record.media reports. This affects about 20 device models offered by 17 companies, including ASUS, Orange, Vodafone, Telstra, Verizon, Deutsche Telekom, British Telekom and others.
The vulnerability can be used to bypass the settings of routers and modems and allow remote connections to user devices. Initially, the problem was not so serious: the vulnerability was discovered at the beginning of the year, the corresponding patch was released in April, but last week serious attacks began on unpatched devices using the vulnerability. Owners of affected routers are advised to request a security update from their service provider.
Read also:
