Beware of Linksys routers...
Talos said:Linksys ESeries Multiple OS Command Injection Vulnerabilities
Multiple exploitable OS command injection vulnerabilities exist in the Linksys E Series line of routers. An attacker can exploit these bugs by sending an authenticated HTTP request to the network configuration. An attacker could then gain the ability to arbitrarily execute code on the machine.
Home routers have become one of the main targets for malicious attacks. Although these vulnerabilities require the attacker to have already authenticated with the device, the vulnerabilities are serious as they allow a potential attacker full control over the device, which may include installation of additional malicious code.
Widespread internet-of-things attacks such as Mirai and VPNFilter show that attackers will keep their focus on discovering new vulnerabilities which would allow them to infect devices and conduct large scale as well as targeted attacks. These attacks are more difficult to detect and protection is available only after their manufacturers update the firmware and patch the vulnerability.
Keeping the device firmware up to date is crucial to avoid SOHO routers participating in a distributed denial-of-service (DDoS) attack or becoming an infection vector in an attack targeted to your organization.