Around 80 percent of the top 25 small office/home office (SOHO) wireless routers available on Amazon are susceptible to security vulnerabilities that put users at risk, according to research recently compiled by security and compliance company Tripwire.
The Tripwire Vulnerability and Exposure Research Team (VERT) also found that 34 percent of the top 50 best-selling routers have publicly documented exploits out in the wild.
"Unfortunately, users don't change the default administrator passwords or the default IPs in these devices and this behavior, along with the prevalence of authentication bypass vulnerabilities, opens the door for widespread attacks through malicious web sites, browser plugins, and smartphone applications," said Craig Young, Tripwire security researcher, in a press statement.
Companies and IT managers are urged to upgrade to the latest router firmware, understand using Wi-Fi Protected Setup (WPS) isn't secure, and change default IP addresses after installation of new wireless routers.
Even though most attention is on malware and malicious code able to steal personal information, routers are still popular to compromise so hackers can eavesdrop on traffic.