Independent Security Evaluators (ISE) discovered 125 different security vulnerabilities across 13 small office/home office (SOHO) routers and Network Attached Storage (NAS) devices. The vulnerabilities range from cross-site scripting (XSS) to buffer overflow, buffer overflow and operating system command injection (OS CMDi), authentication bypass, and file upload path traversal vulnerabilities. SOHOpelessly Broken 2.0 is a follow-up study by ISE security firm in 2013 when they disclosed 52 vulnerabilities in 13 SOHO routers and NAS devices from vendors including TP-Link, ASUS, and Linksys.
Source: https://thehackernews.com/2019/09/hacking-soho-routers.html