A new security audit has uncovered up to 60 vulnerabilities in 22 different home and office broadband routers.
Some 22 brands were covered in the report, including top names such as Huawei, Netgear, Zyxel, D-Link, Linksys, Belkin and Sagem.
The audit, conducted by a group of security researchers at Madrid University, found many of the routers contained a number of problems, ranging from Cross Site Scripting (XSS) vulnerabilities to Denial of Service (DoS) exploits, Privilege Escalation, Backdoors, USB Device Bypass Authentication, as well as vulnerabilities with Universal Plug and Play.
The problem routers include the Observa Telecom AW4062, Comtrend WAP-5813n, Comtrend CT-5365, D-Link DSL-2750B, Belkin F5D7632-4, Sagem LiveBox Pro 2 SP, Amper Xavi 7968 and 7968+, Sagem Fast 1201, and Linksys WRT54GL.
Other routers affected include the Observa Telecom RTA01N, Observa Telecom Home Station BHS-RTA, Observa Telecom VH4032N, Huawei HG553, Huawei HG556a, Astoria ARV7510, Amper ASL-26555, Comtrend AR-5387un, Netgear CG3100D, Comtrend VG-8050, Zyxel P 660HW-B1A, Comtrend 536+, and the D-Link DIR-600.
Some of the affected devices have been rebranded and distributed by internet service providers throughout Europe.
While many UK ISPs have phased out the affected devices, a number of consumers are thought to be still using the old hardware.
The consequences in terms of security could be substantial, with hackers increasingly targeting vulnerable routers.
In contrast to software, which usually patches itself automatically, keeping routers secure is often the responsibility of users, particularly when the router has not been supplied by an ISP.
Yet many consumers may find this a tricky business, given that the necessary processes for updating routers can often be confusing, while in some cases the manufacturers may have stopped support altogether.