Poor password and username management leaves many home routers vulnerable
About 15 percent of all home routers are unsecure, according to a study recently released by ESET.
ESET took a look at home 12,000 routers and found that 15 percent had weak passwords with the default ‘admin' being the username.
“During the test, common default usernames and passwords, as well as some frequently used combinations, were tested. It's disturbing that more than one in seven of such simple simulated attacks was successful,” wrote Peter Stancik, ESET researcher.
The research firm also found several other problems within the routers. Just over 50 percent of the issues were bad access vulnerabilities and 40 percent of the routers had a command injection vulnerability. The latter makes the router vulnerable to remote command execution. Ten percent of the routers were found vulnerable to cross-site scripting, which if exploited would allow an attacker to modify the routers configuration to run an unauthorised script.