The paper shows how through JavaScript, hosted on a malicious web site, an attacker can change a router with a default password, taking it over. The authors note that this type of attack has serious widespread implications and affects many millions of users worldwide. The problem can be mitigated by resetting the default passwords within the router or wireless access point The survey by the Pew Internet & American Life Project showed that 34 percent of Internet users have gone online through Wi-Fi service or a cell phone network.”]
Source: https://www.cuinfosecurity.com/router-default-passwords-prone-to-aoedrive-by-pharminga-a-405