German Fraunhofer Institute for Communication (FKIE) has published one report about the security of routers for the home market, and that is bleak reading.
Of 127 routers tested from seven manufacturers, 46 had not received a single security update in the past year and many of the routers have known security flaws that can be exploited by hackers, writes ZDNet.
FKIE also discovered that several manufacturers have sent updates to the base software to their routers without obscuring known deficiencies, so even if users install the latest updates, it may not make their routers safe from intrusion.
According to FKIE, Asus and Netgear are better at security than D-Link, Linksys, TP-Link and Zyxel. German AVM was the only manufacturer that did not reveal private encryption keys in the basic software. By comparison, the Netgear R6800 had 13 private keys freely available.
Most of the routers run a version of Linux, but many have not been updated for very long. Over a third are still running version 2.6.36 of the Linux kernel, or even older. 2.6.36 was released in 2011.
Some routers support third-party software such as Openwrt, so you can keep your router updated even if the manufacturer has stopped sending updates.