New Router Security Flaw Results in 'Complete Takeover'

Great. Just when you thought things couldn’t get any worse with your router’s stinky security and you were resigned to the idea of Russians hacking into it, there's another embarrassing security flaw that could result in “a complete takeover of your router.”

Credit: Shutterstock

(Image credit: Shutterstock)

Those are the conclusions of new research by VPN review site TheBestVPN as reported by Techradar. The site claims that it only takes some basic javascript code to break in.

This means that one single visit to a simple web page or even just clicking on an image will allow hackers to launch “router functionalities” that can provide access to your personal data. This breach, the report says, may allow hackers to gain total control of your router.

MORE: The One Router Setting Everyone Should Change (But No One Does)

TheBestVPN alleges that the security hole affects routers by D-Link, ZTE, and NetGear. Back in May, the latter was also singled out as vulnerable to external attacks along with models from Linksys, TP-Link, and MicroTik.

The VPN site points its body snatching finger at the Netgear DGN2200 and DGN2200M, the Dlink DIR-300, and the ZTE F660, but other models may be affected.

Although it's not surprising given the source, the report advises to use a VPN to avoid this problem or patch the routers as soon as possible. However, it doesn’t tell if patches for this hole are available yet.

The latest Netgear DGN2200 patch, for example, is from September 2017, and it’s unclear if this would fix this problem. We reached out to TheBestVPN founder and cybersecurity expert John Mason to ask for more details but we haven’t received any response yet. We will update as soon as we get more information.