A new study by a US consumer nonprofit has found that five out of six home routers are inadequately updated for security flaws, leaving the devices, and indirectly their users, vulnerable to hacking.
Carried out by the American Consumer Institute (ACI), the study analyzed a sample of 186 SOHO (small office/home office) WiFi routers from 14 different vendors with a presence on the US market.
ACI experts looked at the firmware version the routers were running and searched public vulnerabilities databases for known security flaws affecting each device's firmware.
"In total, there was a staggering number of 32,003 known vulnerabilities found in the sample," said ACI experts in the study published last week.
"Our analysis shows that of the 186 sampled routers, 155 (83%) were found to have vulnerabilities to potential cyber attacks, in the router firmware, with an average of 172 vulnerabilities per router, or 186 vulnerabilities per router for the identified 155 routers," ACI experts said.
Of the total 32,003 security flaws, more than a quarter were vulnerabilities that received the two highest severity ratings of "critical" and "high-risk" respectively.
"Our analysis shows that, on average, routers contained 12 critical vulnerabilities and 36 high-risk vulnerabilities, across the entire sample," researchers said.
These are staggeringly large numbers...
Read more: