Seven security flaws have been reported by security researchers in the last three or more months. One of these flaws was a remote code execution (RCE) issue that allows an attacker to take the router under his control without providing proper authentication credentials. Another flaw allowed an unauthenticated attacker to recover the router’s admin account password. The United States Computer Emergency Readiness Team (US-CERT) published a security alert warning users to stop using Netgear R6400 and R7000 models because of an unpatched security flaw.
Source: https://www.bleepingcomputer.com/news/security/zyxel-and-netgear-fail-to-patch-seven-security-flaws-affecting-their-routers/