Hackers have started exploiting two unpatched critical vulnerabilities found in GPON home routers. Unofficial patch released to help millions of affected users left vulnerable by manufacturer. At the time of writing, almost a million vulnerable GPON routers are still exposed on the Internet and can be easily hijacked. Users can protect their devices by disabling remote administration and using a firewall to prevent outside access from the public Internet. Users should either wait for official fixes or apply changes manually, when possible, to reduce the attack surface.
Source: https://thehackernews.com/2018/05/protect-router-hacking.html