At least two Netgear routers are vulnerable to a command injection flaw that is easy to exploit and could lead to the total takeover of the routers. This was disclosed yesterday, December 9th, and there has, as yet, been no response from Netgear. It’s not clear, to me at least, whether the vulnerability can be exploited remotely, from the LAN side of the router or both. If it is locally exploitable, then using a non-standard IP address for the router should offer some defense. Netgear performed well in regard to the NetUSB flaw back in May 2015.”]
Source: https://www.computerworld.com/article/3148680/easily-exploited-netgear-router-flaw-discovered.html