An unpatched zero-day vulnerability exists in 79 Netgear router models that allow an attacker to take full control over vulnerable devices remotely. The vulnerability lies in the HTTPD daemon used to manage the router. Vulnerability was discovered independently by cybersecurity firm Grimm and d4rkn3ss from Vietnam’s VNPT ISC (through Zero Day Initiative), the vulnerability was reported to Netgear on January 8th, 2020, and a disclosure date of June 15th was agreed upon.
Source: https://www.bleepingcomputer.com/news/security/79-netgear-router-models-risk-full-takeover-due-to-unpatched-bug/