Tag

#soho-router

2 posts tagged #soho-router.

Analysis · May 20, 2026 · operations-desk

The catalog is full of cheap routers and cameras for one reason: they're botnet feedstock

Scroll the KEV catalog and you hit a wall of command-injection bugs in D-Link, TP-Link, DrayTek, ASUS, Netgear, and IP-camera firmware. They're not separate stories. They're the same story: internet-exposed consumer gear that gets conscripted into IoT botnets, and the fix is almost always the same.
Analysis · May 20, 2026 · operations-desk

A 2017 home-router bug got a federal deadline. The fix is to throw the router away.

CVE-2017-6884 is command injection in a Zyxel SOHO router. Zyxel patched it in 2017, but the device is end-of-life, so the real remediation is replacement. It's on the KEV list because EOL edge gear is exactly what gets conscripted into botnets.