Around six million Sky Broadband customer routers in the UK were affected by a critical vulnerability that took over 17 months to roll out a fix to customers. The disclosed vulnerability is a DNS rebinding flaw that threat actors could easily exploit if the user had not changed the default admin password, or a threat actor could brute-force the credentials.
Read full article on Bleeping Computer